Fix corner case in NTLM authentication (trac #172)

The problem is located in the file proxy.c within
"establish_http_proxy_passthru": To keep buffers small long
base64-encoded NTLM-Strings are truncated.

But the truncating is done on a wrong place: base 64 strings can be
cut every 4 chars. the buffer is 128 bytes - including the terminating
\0, so the usable data is only 127 bytes. And decoding a 127 char
base64 string fails... this is why the ntlm authentication fails in
certain cases (long strings)...

Acked-by: Joerg Willmann <joe@clnt.de>
URL: https://community.openvpn.net/openvpn/ticket/172

Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit f8ac53b98ed2513f1d80363b6fd2351f1b4ae511)

diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c
index 363d8a735f4db11df423de102fb0d1fc3823bf70..95d71531bc2ffbbfd096da669e8ff931b6d333eb 100644 (file)
--- a/src/openvpn/proxy.c
+++ b/src/openvpn/proxy.c
@@ -499,7 +499,7 @@ establish_http_proxy_passthru (struct http_proxy_info *p,
 {
   struct gc_arena gc = gc_new ();
   char buf[512];
-  char buf2[128];
+  char buf2[129];
   char get[80];
   int status;
   int nparms;
@@ -622,7 +622,7 @@ establish_http_proxy_passthru (struct http_proxy_info *p,
 
               openvpn_snprintf (get, sizeof get, "%%*s NTLM %%%ds", (int) sizeof (buf2) - 1);
               nparms = sscanf (buf, get, buf2);
-              buf2[127] = 0; /* we only need the beginning - ensure it's null terminated. */
+              buf2[128] = 0; /* we only need the beginning - ensure it's null terminated. */
 
               /* check for "Proxy-Authenticate: NTLM TlRM..." */
               if (nparms == 1)