ntlm_fake_auth: pass DOMAIN data to Squid in original case

Lower-casing the domain field can cause base ACL match results if the
ACL is checking for case-sensitive or upper-case domain label.

The helper should be emitting the standard UPPER case domain and many
administrators will be expecting taht when they write ACLs.

diff --git a/helpers/ntlm_auth/fake/ntlm_fake_auth.cc b/helpers/ntlm_auth/fake/ntlm_fake_auth.cc
index a7bf0732fb7bd3f54877ac7224397c33d08bc0ba..c8ec4de987ff1cd8dd56d8cd5bfef562e67a0121 100644 (file)
--- a/helpers/ntlm_auth/fake/ntlm_fake_auth.cc
+++ b/helpers/ntlm_auth/fake/ntlm_fake_auth.cc
@@ -224,7 +224,6 @@ main(int argc, char *argv[])
             } else if (ntlm_validate_packet(packet, NTLM_AUTHENTICATE) == NTLM_ERR_NONE) {
                 if (ntlm_unpack_auth((ntlm_authenticate *)packet, user, domain, decodedLen) == NTLM_ERR_NONE) {
                     lc(user);
-                    lc(domain);
                     if (strip_domain_enabled) {
                         SEND2("AF %s", user);
                     } else {
@@ -232,7 +231,6 @@ main(int argc, char *argv[])
                     }
                 } else {
                     lc(user);
-                    lc(domain);
                     SEND4("NA invalid credentials, user=%s%s%s", domain, (*domain?"\\":""), user);
                 }
             } else {