MSIE 3.0 and Squid

From: David Richards <[email protected]>
Date: Fri, 30 Jan 1998 17:24:02 +1000 (EST)

Just to let you all know, I have found a bug, whether it be in squid or in
MSIE or a combination of both.

When authentication is turned on, sometime MSIE provides the Proxy
Authorization header incorrectly.

The header usually has the following information:

Proxy Authorization: /y^M

Which some of you may realise, is incorrect. The correct version is:

Proxy Authorization: Basic WERFV@$#F@$#RWERFSDF@243=ewa^M

or something similar. The problem is that squid assumes that there is a
"Basic" after the header, you may recall the code:

    s += strlen(" Basic");
    sent_userandpw = xstrdup(s);

Well this is a memory violation and hence squid core dumps. I fixed it
putting before this code:

        if( strlen( s ) <= 6 ) { /* 6 => strlen( " Basic" ) */
                return( dash_str );
        }

I have also made some modifications so that it returns a different error
message, rather than Access Denied.

Seeya,

Dave.

-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-
David Richards Ph: +61 7 3864 4347
Network Programmer Fax: +61 7 3864 5272
Computing Services E-mail: dj.richards@qut.edu.au
Queensland University of Technology
Brisbane, Australia
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-
Received on Thu Jan 29 1998 - 23:26:46 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:34 MST