On 8/03/2012 10:38 p.m., Jose-Marcio Martins da Cruz wrote:
> Amos Jeffries wrote:
>> On 08.03.2012 06:35, Alex Rousskov wrote:
>>> On 03/05/2012 03:15 PM, Amos Jeffries wrote:
>
>> The LDAP special-characters and escaping bugs for instance, just need
>> someone with a real LDAP server (not a test script) to configure a dummy
>> account and see if login works now. A real server is important there
>> because it is the servers interpretation of helper calls which is the
>> bug.
>
> I'm not aware of this issue.
>
> Are you talking about squid_ldap_auth ? If yes, maybe I can experiment
> with it. What special-characters are you talking about ?
>
> I have a pre-production machine where I usually reproduce squid
> production environnement before upgrading.
Yes, squid_ldap_auth and squid_ldap_group. Or rather their 3.2 equivalents.
It all seems to focus around whether and how escaping is done for the
username, password, group, and filter parameters.
http://bugs.squid-cache.org/show_bug.cgi?id=3204
- UTF-8 letters in non-ASCII range
* (I have vague recollections of fixing a version of this already, but
cant seem to find the bug now)
http://bugs.squid-cache.org/show_bug.cgi?id=1879
- '|' (pipe) and unspecified others
http://bugs.squid-cache.org/show_bug.cgi?id=2529
- '\' and '#'
http://bugs.squid-cache.org/show_bug.cgi?id=3481
- '(' and ')'
Amos
Received on Thu Mar 08 2012 - 10:22:12 MST
This archive was generated by hypermail 2.2.0 : Thu Mar 22 2012 - 12:00:03 MDT