From 43508fbdb175fada4454ac5ac33aeb3e77165e82 Mon Sep 17 00:00:00 2001
From: Elmar Vonlanthen <Elmar.Vonlanthen@united-security-providers.ch>
Date: Thu, 24 Oct 2013 09:24:01 -0600
Subject: [PATCH] ntlm_fake_auth: pass DOMAIN data to Squid in original case

Lower-casing the domain field can cause base ACL match results if the
ACL is checking for case-sensitive or upper-case domain label.

The helper should be emitting the standard UPPER case domain and many
administrators will be expecting that when they write ACLs.
---
 helpers/ntlm_auth/fake/ntlm_fake_auth.cc | 2 --
 1 file changed, 2 deletions(-)

diff --git a/helpers/ntlm_auth/fake/ntlm_fake_auth.cc b/helpers/ntlm_auth/fake/ntlm_fake_auth.cc
index a7bf0732fb..c8ec4de987 100644
--- a/helpers/ntlm_auth/fake/ntlm_fake_auth.cc
+++ b/helpers/ntlm_auth/fake/ntlm_fake_auth.cc
@@ -224,7 +224,6 @@ main(int argc, char *argv[])
             } else if (ntlm_validate_packet(packet, NTLM_AUTHENTICATE) == NTLM_ERR_NONE) {
                 if (ntlm_unpack_auth((ntlm_authenticate *)packet, user, domain, decodedLen) == NTLM_ERR_NONE) {
                     lc(user);
-                    lc(domain);
                     if (strip_domain_enabled) {
                         SEND2("AF %s", user);
                     } else {
@@ -232,7 +231,6 @@ main(int argc, char *argv[])
                     }
                 } else {
                     lc(user);
-                    lc(domain);
                     SEND4("NA invalid credentials, user=%s%s%s", domain, (*domain?"\\":""), user);
                 }
             } else {
-- 
2.47.2