From: wessels <>
Date: Mon, 25 Aug 1997 22:37:18 +0000 (+0000)
Subject: David Luyer passwd security fix for PROXY_AUTH
X-Git-Tag: SQUID_3_0_PRE1~4812
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=26d86d59764600442b45560877cb302e81a29150;p=thirdparty%2Fsquid.git

David Luyer passwd security fix for PROXY_AUTH
---

diff --git a/src/client_side.cc b/src/client_side.cc
index 2c534cfa38..6e17698b9e 100644
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: client_side.cc,v 1.123 1997/08/25 02:19:31 wessels Exp $
+ * $Id: client_side.cc,v 1.124 1997/08/25 16:37:18 wessels Exp $
  *
  * DEBUG: section 33    Client-side Routines
  * AUTHOR: Duane Wessels
@@ -308,17 +308,20 @@ proxyAuthenticate(const char *headers)
     passwd++;
 
     /* See if we've already validated them */
+    passwd[0] |= 0x80;		/* check mutated password */
     if (strcmp(hashr->item, passwd) == 0) {
 	debug(33, 5) ("proxyAuthenticate: user %s previously validated\n", sent_user);
 	xfree(clear_userandpw);
 	return sent_user;
     }
+    passwd[0] &= ~(0x80);	/* check vs crypt */
     if (strcmp(hashr->item, (char *) crypt(passwd, hashr->item))) {
 	/* Passwords differ, deny access */
 	debug(33, 4) ("proxyAuthenticate: authentication failed: user %s passwords differ\n", sent_user);
 	xfree(clear_userandpw);
 	return (dash_str);
     }
+    passwd[0] |= 0x80;		/* store mutated password away */
     debug(33, 5) ("proxyAuthenticate: user %s validated\n", sent_user);
     hash_delete(validated, sent_user);
     hash_insert(validated, xstrdup(sent_user), xstrdup(passwd));