On Wed, 9 Jun 2010 17:50:57 +0200
Luciano Mannucci <luciano@xxxxxxxxxxxxxxxx> wrote:
> my squid 3.1.4 seems unable to handle URL-encoded passwords. I think
> it sends them as they are, so I get "Login Incorrect" from the FTP
> server. Is that normal?
I reverted to squid 2.7.STABLE9 mainly because I don't understand C++.
(2.7 seems slightly faster BTW :) I don't know why the password is
sent as-is instead of RFC 1738 converted. Forcing the conversion is
pretty safe, although a quick and dirty trick: I simply modified the
ftpSendPass() function in ftp.c this way:
static void
ftpSendPass(FtpStateData * ftpState)
{
char *my_str_ptr;
my_str_ptr = xstrdup(ftpState->password);
rfc1738_unescape(my_str_ptr);
/*
snprintf(cbuf, 1024, "PASS %s\r\n", ftpState->password);
*/
snprintf(cbuf, 1024, "PASS %s\r\n", my_str_ptr);
ftpWriteCommand(cbuf, ftpState);
ftpState->state = SENT_PASS;
safe_free(my_str_ptr);
}
so now it "unescapes" every password before sending, which is safe
because it has no effect on non url-encoded ("escaped") strings.
Now it works flawlessly even with sites asking for passwords
containing "/", ":", "@"... :-)
Regards,
luciano.
--
/"\ /Via A. Salaino, 7 - 20144 Milano (Italy)
\ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250
X AGAINST HTML MAIL / E-MAIL: posthamster@xxxxxxxxxxxxxxxxxxx
/ \ AND POSTINGS / WWW: http://www.mannucci.ORG/
