diff options
author | Christian Niessner | 2013-03-07 19:37:58 +0100 |
---|---|---|
committer | Gert Doering | 2013-03-07 19:37:58 +0100 |
commit | f8ac53b98ed2513f1d80363b6fd2351f1b4ae511 (patch) | |
tree | 0e5ca33a167adb581778dcbe80477a92dfe47e55 /src/openvpn/proxy.c | |
parent | d86d577031577dfd69e5ba104e0ce1cb5192c16a (diff) | |
download | openvpn-f8ac53b98ed2513f1d80363b6fd2351f1b4ae511.zip openvpn-f8ac53b98ed2513f1d80363b6fd2351f1b4ae511.tar.gz |
Fix corner case in NTLM authentication (trac #172)
The problem is located in the file proxy.c within
"establish_http_proxy_passthru": To keep buffers small long
base64-encoded NTLM-Strings are truncated.
But the truncating is done on a wrong place: base 64 strings can be
cut every 4 chars. the buffer is 128 bytes - including the terminating
\0, so the usable data is only 127 bytes. And decoding a 127 char
base64 string fails... this is why the ntlm authentication fails in
certain cases (long strings)...
Acked-by: Joerg Willmann <joe@clnt.de>
URL: https://community.openvpn.net/openvpn/ticket/172
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/proxy.c')
-rw-r--r-- | src/openvpn/proxy.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c index 363d8a7..95d7153 100644 --- a/src/openvpn/proxy.c +++ b/src/openvpn/proxy.c @@ -499,7 +499,7 @@ establish_http_proxy_passthru (struct http_proxy_info *p, { struct gc_arena gc = gc_new (); char buf[512]; - char buf2[128]; + char buf2[129]; char get[80]; int status; int nparms; @@ -622,7 +622,7 @@ establish_http_proxy_passthru (struct http_proxy_info *p, openvpn_snprintf (get, sizeof get, "%%*s NTLM %%%ds", (int) sizeof (buf2) - 1); nparms = sscanf (buf, get, buf2); - buf2[127] = 0; /* we only need the beginning - ensure it's null terminated. */ + buf2[128] = 0; /* we only need the beginning - ensure it's null terminated. */ /* check for "Proxy-Authenticate: NTLM TlRM..." */ if (nparms == 1) |