I have discovered that ntlm_auth from samba 3.0 doesn't correctly
authenticate a password containing the '+' character when the squid-2.5-basic
helper protocol is used. I observed this when trying to authenticate from
squid-2.5-STABLE4, so I suspect this is a genuine error. I have traced the
problem to the rfc1738_unescape subroutine, which for some reason replaces
'+' with ' '. As far as I can tell from rfc1738, it is completely legal to
have an unescaped '+' sign in a password.
Created attachment 339 [details]
Don't replace + with ' ' for ntlm_auth
This is the patch I propose for this, I need to test both SWAT and ntlm_auth
before I commit
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.