On Tue, 13 Jul 2004, Andrew Bartlett wrote:
> While I've been trying to code up the 'Negotiate' (SPNEGO) support for
> Squid, I have seen a lot of:
>
> ntlm_request->authchallenge = xstrndup(reply, NTLM_CHALLENGE_SZ
> + 5);
As robert already said, there is no reason xstrdup should not be used
here, and I also suspect many of these copies should go away completely
when we get rid of the challenge/response cache.
> These worry me - not only are these packets not fixed size, Squid has no
> way of knowing what they should be!
Correct. Squid has no business trying to guess the properties of the
exchanged blobs.
Regards
Henrik
Received on Tue Jul 13 2004 - 03:55:05 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Jul 31 2004 - 12:00:03 MDT