This patch prevents the client for sending zero length username/passwords 
and prevents the server from accepting zero length username/passwords.
Only useful for sites using username/password authentication (rfc1929).

Index: upwd.c
===================================================================
RCS file: socks5/lib/upwd.c,v
retrieving revision 1.38.4.7
retrieving revision 1.38.4.9
diff -c -r1.38.4.7 -r1.38.4.9
*** upwd.c	1999/03/29 23:03:36	1.38.4.7
--- upwd.c	2000/03/08 17:04:09	1.38.4.9
***************
*** 78,83 ****
--- 78,93 ----
      pwd = getenv("SOCKS5_PASSWD");
      MUTEX_UNLOCK(env_mutex);
  
+     if(!user || strlen(user)==0) {
+         S5LogUpdate(S5LogDefaultHandle, S5_LOG_DEBUG(10), 0, "UPWD: Missing username ");
+ 	return AUTH_FAIL;
+     }
+ 
+     if(!pwd || strlen(pwd)==0) {
+         S5LogUpdate(S5LogDefaultHandle, S5_LOG_DEBUG(10), 0, "UPWD: Missing password ");
+ 	return AUTH_FAIL;
+     }
+ 
      SETVERS(buf, 1);
      SETULEN(buf, user);
      SETUSER(buf, user);
***************
*** 107,118 ****
  	goto done;
      }
      
!     if (GetString(sd, name, &timerm) < 0) {
  	S5LogUpdate(S5LogDefaultHandle, S5_LOG_DEBUG(10), 0, "UPWD: Failed to get valid username");
  	goto done;
      }
      
!     if (GetString(sd, passwd, &timerm) < 0) {
  	S5LogUpdate(S5LogDefaultHandle, S5_LOG_DEBUG(10), 0, "UPWD: Failed to get valid password");
  	goto done;
      }
--- 117,128 ----
  	goto done;
      }
      
!     if (GetString(sd, name, &timerm) <= 0) {
  	S5LogUpdate(S5LogDefaultHandle, S5_LOG_DEBUG(10), 0, "UPWD: Failed to get valid username");
  	goto done;
      }
      
!     if (GetString(sd, passwd, &timerm) <= 0) {
  	S5LogUpdate(S5LogDefaultHandle, S5_LOG_DEBUG(10), 0, "UPWD: Failed to get valid password");
  	goto done;
      }