---------------------
PatchSet 1056 
Date: 2004/08/29 16:12:09
Author: serassio
Branch: nt
Tag: (none) 
Log:
Forward port of latest changes from 2.5 Windows native helpers

Members: 
	helpers/external_acl/win32_group/win32_check_group.c:1.2.18.7->1.2.18.8 
	helpers/ntlm_auth/NTLMSSP-WIN32/libntlmssp.c:1.2.18.6->1.2.18.7 
	helpers/ntlm_auth/NTLMSSP-WIN32/ntlm_auth.c:1.2.18.6->1.2.18.7 

Index: squid3/helpers/external_acl/win32_group/win32_check_group.c
===================================================================
RCS file: /cvsroot/squid-sf//squid3/helpers/external_acl/win32_group/Attic/win32_check_group.c,v
retrieving revision 1.2.18.7
retrieving revision 1.2.18.8
diff -u -r1.2.18.7 -r1.2.18.8
--- squid3/helpers/external_acl/win32_group/win32_check_group.c	15 Aug 2004 21:10:05 -0000	1.2.18.7
+++ squid3/helpers/external_acl/win32_group/win32_check_group.c	29 Aug 2004 16:12:09 -0000	1.2.18.8
@@ -207,7 +207,7 @@
 /* returns 0 on match, -1 if no match */
 static int wcstrcmparray(const wchar_t *str, const char **array)
 {
-    WCHAR wszGroup[256];	// Unicode Group
+    WCHAR wszGroup[GNLEN+1];	// Unicode Group
 
     while (*array) {
 	MultiByteToWideChar(CP_ACP, 0, *array,
@@ -225,7 +225,7 @@
 Valid_Local_Groups(char *UserName, const char **Groups)
 {
     int result = 0;
-    WCHAR wszUserName[256];	// Unicode user name
+    WCHAR wszUserName[UNLEN+1];	// Unicode user name
 
     LPLOCALGROUP_USERS_INFO_0 pBuf = NULL;
     LPLOCALGROUP_USERS_INFO_0 pTmpBuf;
@@ -295,13 +295,13 @@
 Valid_Global_Groups(char *UserName, const char **Groups)
 {
     int result = 0;
-    WCHAR wszUserName[256];	// Unicode user name
-    WCHAR wszLocalDomain[256];	// Unicode Local Domain
-    WCHAR wszUserDomain[256];	// Unicode User Domain
+    WCHAR wszUserName[UNLEN+1];     // Unicode user name
+    WCHAR wszLocalDomain[DNLEN+1];  // Unicode Local Domain
+    WCHAR wszUserDomain[DNLEN+1];   // Unicode User Domain
 
-    char NTDomain[256];
+    char NTDomain[DNLEN+UNLEN+2];
     char *domain_qualify;
-    char User[256];
+    char User[UNLEN+1];
 
     LPWSTR LclDCptr = NULL;
     LPWSTR UsrDCptr = NULL;
@@ -565,6 +565,7 @@
 error:
 	    printf ("ERR\n");
 	}
+	err = 0;
     }
     return 0;
 }
Index: squid3/helpers/ntlm_auth/NTLMSSP-WIN32/libntlmssp.c
===================================================================
RCS file: /cvsroot/squid-sf//squid3/helpers/ntlm_auth/NTLMSSP-WIN32/Attic/libntlmssp.c,v
retrieving revision 1.2.18.6
retrieving revision 1.2.18.7
diff -u -r1.2.18.6 -r1.2.18.7
--- squid3/helpers/ntlm_auth/NTLMSSP-WIN32/libntlmssp.c	10 Apr 2004 10:12:44 -0000	1.2.18.6
+++ squid3/helpers/ntlm_auth/NTLMSSP-WIN32/libntlmssp.c	29 Aug 2004 16:12:10 -0000	1.2.18.7
@@ -27,8 +27,8 @@
 Valid_Group(char *UserName, char *Group)
 {
     int result = FALSE;
-    WCHAR wszUserName[256];	// Unicode user name
-    WCHAR wszGroup[256];	// Unicode Group
+    WCHAR wszUserName[UNLEN+1];	// Unicode user name
+    WCHAR wszGroup[GNLEN+1];	// Unicode Group
 
     LPLOCALGROUP_USERS_INFO_0 pBuf = NULL;
     LPLOCALGROUP_USERS_INFO_0 pTmpBuf;
@@ -215,9 +215,9 @@
 ntlm_check_auth(ntlm_authenticate * auth, int auth_length)
 {
     int rv;
-    char domain[256];
-    char user[256];
-    static char credentials[1024];	/* we can afford to waste */
+    char domain[DNLEN+1];
+    char user[UNLEN+1];
+    static char credentials[DNLEN+UNLEN+2];	/* we can afford to waste */
 
     lstring tmp;
 
@@ -232,10 +232,15 @@
         }
         if (Use_Unicode) {
             /* copy unicode buffer */
-            WideCharToMultiByte(CP_ACP, 0, (LPCWSTR) tmp.str, tmp.l, domain, 256, NULL, NULL );
+            WideCharToMultiByte(CP_ACP, 0, (LPCWSTR) tmp.str, tmp.l, domain, DNLEN, NULL, NULL );
             /* add null termination */
             domain[tmp.l / sizeof(WCHAR)] = '\0';
         } else {
+            if (tmp.l > DNLEN) {
+	        debug("Domain string exceeds %d bytes, rejecting\n", DNLEN);
+	        ntlm_errno = NTLM_BAD_REQUEST;
+	        return NULL;
+            }
             memcpy(domain, tmp.str, tmp.l);
             domain[tmp.l] = '\0';
         }
@@ -247,10 +252,15 @@
         }
         if (Use_Unicode) {
             /* copy unicode buffer */
-            WideCharToMultiByte(CP_ACP, 0, (LPCWSTR) tmp.str, tmp.l, user, 256, NULL, NULL );
+            WideCharToMultiByte(CP_ACP, 0, (LPCWSTR) tmp.str, tmp.l, user, UNLEN, NULL, NULL );
             /* add null termination */
             user[tmp.l / sizeof(WCHAR)] = '\0';
         } else {
+            if (tmp.l > UNLEN) {
+	        debug("Username string exceeds %d bytes, rejecting\n", UNLEN);
+	        ntlm_errno = NTLM_BAD_REQUEST;
+	        return NULL;
+            }
             memcpy(user, tmp.str, tmp.l);
             user[tmp.l] = '\0';
         }
Index: squid3/helpers/ntlm_auth/NTLMSSP-WIN32/ntlm_auth.c
===================================================================
RCS file: /cvsroot/squid-sf//squid3/helpers/ntlm_auth/NTLMSSP-WIN32/Attic/ntlm_auth.c,v
retrieving revision 1.2.18.6
retrieving revision 1.2.18.7
diff -u -r1.2.18.6 -r1.2.18.7
--- squid3/helpers/ntlm_auth/NTLMSSP-WIN32/ntlm_auth.c	10 Apr 2004 10:12:44 -0000	1.2.18.6
+++ squid3/helpers/ntlm_auth/NTLMSSP-WIN32/ntlm_auth.c	29 Aug 2004 16:12:10 -0000	1.2.18.7
@@ -1,5 +1,5 @@
 /*
- * ntlm_auth: helper for NTLM Authentication for Squid Cache
+ * win32_ntlm_auth: helper for NTLM Authentication for Squid Cache
  *
  * (C)2002,2003 Guido Serassio - Acme Consulting S.r.l.
  *