[squid-dev] [PATCH] Base64 crypto replacement
Markus Moeller
huaraz at moeller.plus.com
Sat Jan 3 17:27:42 UTC 2015
Hi Amos,
The problem is that the wrong input size is used for the decoding.
base64_decode_update(&ctx, &dstLen,
static_cast<uint8_t*>(input_token.value), input_token.length, b64Token)
You need to use strlen(b64Token) not input_token.length.
What I wonder is why dstLen is different to input_token.length ( at least in
my tests dstLen was 2 smaller than input_token.length)
Shouldn't input_token.length = BASE64_DECODE_LENGTH(strlen(buf+3)); be the
same as dstLen (I haven't yet time to analyse the code) ?
Markus
"Markus Moeller" wrote in message news:m8945o$tta$1 at ger.gmane.org...
Hi Amos,
My helper does not work with it. I get
negotiate_kerberos_auth.cc(670): pid=17860 :2015/01/03 16:01:43|
negotiate_kerberos_auth: ERROR: Invalid base64 token [YIIE6QYGKwYB...]
from here:
struct base64_decode_ctx ctx;
base64_decode_init(&ctx);
size_t dstLen = 0;
if (!base64_decode_update(&ctx, &dstLen,
static_cast<uint8_t*>(input_token.value), input_token.length, b64Token) ||
!base64_decode_final(&ctx)) {
debug((char *) "%s| %s: ERROR: Invalid base64 token [%s]\n", LogTime(),
PROGRAM, b64Token);
fprintf(stdout, "BH Invalid negotiate request token\n");
continue;
}
I'll see if I can find the reason.
Markus
"Amos Jeffries" wrote in message news:54A26CAF.9050808 at treenet.co.nz...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This has now been merged to trunk as rev.13785.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUomyuAAoJELJo5wb/XPRj05cH/jRTRdAsoYxSBSi12qrRKta5
LbCQpPHYPJNEhRYatYCa4yKI2TOnuoWlPFE1llfAmy0kjfQfxktjundMpmU0qolb
ZRSbEKSbmvDylGTf9FnBmzxLNSyM0ymYbi6yAe7Q6QM2qecSxc+eIutjDWkEOKgZ
8ycRVd7r1RmMqot0arZpgc+uIxoCVoLk3j3FSKOJ8tzlAjexivy+hx3E/C3YTQpz
/bENEPJ5H2SHVx2PontZaBc3cFr9eLNLQiaCX8Bf4O/a694YAy+DbkMtFn6WVDUc
S7Ihtw9UVp0dI7sqyu7mNKFXJVW8OQkD7XDNLgXJ5kNcp40tXPTt4c/Yi7S2AEE=
=RKON
-----END PGP SIGNATURE-----
_______________________________________________
squid-dev mailing list
squid-dev at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-dev
_______________________________________________
squid-dev mailing list
squid-dev at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-dev
More information about the squid-dev
mailing list