Fix patch for current patch
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=194
This commit is contained in:
parent
cccd13179c
commit
e1d5654187
@ -15,81 +15,118 @@ Date: Fri Feb 7 09:11:20 2014 +0100
|
||||
Base64 and base16 decoding: Use *dst_length as output only.
|
||||
|
||||
|
||||
Index: squid-3.5.21/helpers/negotiate_auth/kerberos/negotiate_kerberos_auth.cc
|
||||
Index: squid-4.8/src/HttpHeader.cc
|
||||
===================================================================
|
||||
--- squid-3.5.21.orig/helpers/negotiate_auth/kerberos/negotiate_kerberos_auth.cc
|
||||
+++ squid-3.5.21/helpers/negotiate_auth/kerberos/negotiate_kerberos_auth.cc
|
||||
@@ -667,7 +667,7 @@ main(int argc, char *const argv[])
|
||||
--- squid-4.8.orig/src/HttpHeader.cc
|
||||
+++ squid-4.8/src/HttpHeader.cc
|
||||
@@ -1301,7 +1301,7 @@ HttpHeader::getAuthToken(Http::HdrType i
|
||||
char *decodedAuthToken = result.rawAppendStart(BASE64_DECODE_LENGTH(fieldLen));
|
||||
struct base64_decode_ctx ctx;
|
||||
base64_decode_init(&ctx);
|
||||
- size_t decodedLen = 0;
|
||||
+ size_t decodedLen = BASE64_DECODE_LENGTH(fieldLen);
|
||||
if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(decodedAuthToken), fieldLen, field) ||
|
||||
!base64_decode_final(&ctx)) {
|
||||
return nil;
|
||||
Index: squid-4.8/src/auth/basic/Config.cc
|
||||
===================================================================
|
||||
--- squid-4.8.orig/src/auth/basic/Config.cc
|
||||
+++ squid-4.8/src/auth/basic/Config.cc
|
||||
@@ -176,7 +176,7 @@ Auth::Basic::Config::decodeCleartext(con
|
||||
struct base64_decode_ctx ctx;
|
||||
base64_decode_init(&ctx);
|
||||
|
||||
- size_t dstLen = 0;
|
||||
+ size_t dstLen = BASE64_DECODE_LENGTH(srcLen)+1;
|
||||
if (base64_decode_update(&ctx, &dstLen, reinterpret_cast<uint8_t*>(cleartext), srcLen, eek) && base64_decode_final(&ctx)) {
|
||||
cleartext[dstLen] = '\0';
|
||||
|
||||
Index: squid-4.8/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc
|
||||
===================================================================
|
||||
--- squid-4.8.orig/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc
|
||||
+++ squid-4.8/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc
|
||||
@@ -131,6 +131,7 @@ token_decode(size_t *decodedLen, uint8_t
|
||||
{
|
||||
struct base64_decode_ctx ctx;
|
||||
base64_decode_init(&ctx);
|
||||
+ *decodedLen = BASE64_DECODE_LENGTH(strlen(srcLen));
|
||||
if (!base64_decode_update(&ctx, decodedLen, decoded, strlen(buf), reinterpret_cast<const uint8_t*>(buf)) ||
|
||||
!base64_decode_final(&ctx)) {
|
||||
SEND("BH base64 decode failed");
|
||||
Index: squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc
|
||||
===================================================================
|
||||
--- squid-4.8.orig/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc
|
||||
+++ squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc
|
||||
@@ -681,7 +681,7 @@ main(int argc, char *const argv[])
|
||||
|
||||
struct base64_decode_ctx ctx;
|
||||
base64_decode_init(&ctx);
|
||||
- unsigned int dstLen = 0;
|
||||
+ unsigned int dstLen = input_token.length;
|
||||
- size_t dstLen = 0;
|
||||
+ size_t dstLen = BASE64_DECODE_LENGTH(srcLen);
|
||||
if (!base64_decode_update(&ctx, &dstLen, static_cast<uint8_t*>(input_token.value), srcLen, b64Token) ||
|
||||
!base64_decode_final(&ctx)) {
|
||||
debug((char *) "%s| %s: ERROR: Invalid base64 token [%s]\n", LogTime(), PROGRAM, b64Token);
|
||||
Index: squid-3.5.21/helpers/negotiate_auth/wrapper/negotiate_wrapper.cc
|
||||
Index: squid-4.8/src/auth/negotiate/wrapper/negotiate_wrapper.cc
|
||||
===================================================================
|
||||
--- squid-3.5.21.orig/helpers/negotiate_auth/wrapper/negotiate_wrapper.cc
|
||||
+++ squid-3.5.21/helpers/negotiate_auth/wrapper/negotiate_wrapper.cc
|
||||
@@ -341,7 +341,7 @@ main(int argc, char *const argv[])
|
||||
--- squid-4.8.orig/src/auth/negotiate/wrapper/negotiate_wrapper.cc
|
||||
+++ squid-4.8/src/auth/negotiate/wrapper/negotiate_wrapper.cc
|
||||
@@ -192,7 +192,7 @@ processingLoop(FILE *FDKIN, FILE *FDKOUT
|
||||
|
||||
struct base64_decode_ctx ctx;
|
||||
base64_decode_init(&ctx);
|
||||
- unsigned int dstLen = 0;
|
||||
+ unsigned int dstLen = length;
|
||||
if (!base64_decode_update(&ctx, &dstLen, token, strlen(buf+3), reinterpret_cast<const uint8_t*>(buf+3)) ||
|
||||
- size_t dstLen = 0;
|
||||
+ size_t dstLen = length+1;
|
||||
if (!base64_decode_update(&ctx, &dstLen, token, strlen(buf+3), buf+3) ||
|
||||
!base64_decode_final(&ctx)) {
|
||||
if (debug)
|
||||
Index: squid-3.5.21/helpers/ntlm_auth/fake/ntlm_fake_auth.cc
|
||||
if (debug_enabled)
|
||||
Index: squid-4.8/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc
|
||||
===================================================================
|
||||
--- squid-3.5.21.orig/helpers/ntlm_auth/fake/ntlm_fake_auth.cc
|
||||
+++ squid-3.5.21/helpers/ntlm_auth/fake/ntlm_fake_auth.cc
|
||||
@@ -151,7 +151,7 @@ main(int argc, char *argv[])
|
||||
buflen = strlen(buf); /* keep this so we only scan the buffer for \0 once per loop */
|
||||
struct base64_decode_ctx ctx;
|
||||
base64_decode_init(&ctx);
|
||||
- unsigned int dstLen = 0;
|
||||
+ unsigned int dstLen = HELPER_INPUT_BUFFER;
|
||||
if (buflen > 3 &&
|
||||
base64_decode_update(&ctx, &dstLen, decodedBuf, buflen-3, reinterpret_cast<const uint8_t*>(buf+3)) &&
|
||||
base64_decode_final(&ctx)) {
|
||||
Index: squid-3.5.21/helpers/ntlm_auth/smb_lm/ntlm_smb_lm_auth.cc
|
||||
===================================================================
|
||||
--- squid-3.5.21.orig/helpers/ntlm_auth/smb_lm/ntlm_smb_lm_auth.cc
|
||||
+++ squid-3.5.21/helpers/ntlm_auth/smb_lm/ntlm_smb_lm_auth.cc
|
||||
--- squid-4.8.orig/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc
|
||||
+++ squid-4.8/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc
|
||||
@@ -517,7 +517,7 @@ manage_request()
|
||||
/* figure out what we got */
|
||||
struct base64_decode_ctx ctx;
|
||||
base64_decode_init(&ctx);
|
||||
- unsigned int dstLen = 0;
|
||||
+ unsigned int dstLen = NTLM_BLOB_BUFFER_SIZE;
|
||||
int decodedLen = 0;
|
||||
if (!base64_decode_update(&ctx, &dstLen, reinterpret_cast<uint8_t*>(decoded), strlen(buf)-3, reinterpret_cast<const uint8_t*>(buf+3)) ||
|
||||
size_t dstLen = 0;
|
||||
- int decodedLen = 0;
|
||||
+ int decodedLen = NTLM_BLOB_BUFFER_SIZE;
|
||||
if (!base64_decode_update(&ctx, &dstLen, reinterpret_cast<uint8_t*>(decoded), strlen(buf)-3, buf+3) ||
|
||||
!base64_decode_final(&ctx)) {
|
||||
Index: squid-3.5.21/src/HttpHeader.cc
|
||||
SEND("NA Packet format error, couldn't base64-decode");
|
||||
Index: squid-4.8/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc
|
||||
===================================================================
|
||||
--- squid-3.5.21.orig/src/HttpHeader.cc
|
||||
+++ squid-3.5.21/src/HttpHeader.cc
|
||||
@@ -1535,7 +1535,7 @@ HttpHeader::getAuth(http_hdr_type id, co
|
||||
static char decodedAuthToken[8192];
|
||||
--- squid-4.8.orig/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc
|
||||
+++ squid-4.8/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc
|
||||
@@ -418,6 +418,7 @@ token_decode(size_t *decodedLen, uint8_t
|
||||
{
|
||||
struct base64_decode_ctx ctx;
|
||||
base64_decode_init(&ctx);
|
||||
- unsigned int decodedLen = 0;
|
||||
+ unsigned int decodedLen = 8190;
|
||||
if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(decodedAuthToken), strlen(field), reinterpret_cast<const uint8_t*>(field)) ||
|
||||
+ *decodedLen = BASE64_DECODE_LENGTH(strlen(buf))+1;
|
||||
if (!base64_decode_update(&ctx, decodedLen, decoded, strlen(buf), reinterpret_cast<const uint8_t*>(buf)) ||
|
||||
!base64_decode_final(&ctx)) {
|
||||
return NULL;
|
||||
Index: squid-3.5.21/src/auth/basic/Config.cc
|
||||
SEND_BH("message=\"base64 decode failed\"");
|
||||
Index: squid-4.8/src/auth/ntlm/fake/ntlm_fake_auth.cc
|
||||
===================================================================
|
||||
--- squid-3.5.21.orig/src/auth/basic/Config.cc
|
||||
+++ squid-3.5.21/src/auth/basic/Config.cc
|
||||
@@ -173,7 +173,7 @@ Auth::Basic::Config::decodeCleartext(con
|
||||
--- squid-4.8.orig/src/auth/ntlm/fake/ntlm_fake_auth.cc
|
||||
+++ squid-4.8/src/auth/ntlm/fake/ntlm_fake_auth.cc
|
||||
@@ -153,7 +153,7 @@ main(int argc, char *argv[])
|
||||
ntlmhdr *packet;
|
||||
struct base64_decode_ctx ctx;
|
||||
base64_decode_init(&ctx);
|
||||
|
||||
- unsigned int dstLen = 0;
|
||||
+ unsigned int dstLen = BASE64_DECODE_LENGTH(srcLen)+1;
|
||||
if (base64_decode_update(&ctx, &dstLen, reinterpret_cast<uint8_t*>(cleartext), srcLen, (const uint8_t*)eek) && base64_decode_final(&ctx)) {
|
||||
cleartext[dstLen] = '\0';
|
||||
|
||||
- size_t dstLen = 0;
|
||||
+ size_t dstLen = HELPER_INPUT_BUFFER;
|
||||
if (buflen > 3 &&
|
||||
base64_decode_update(&ctx, &dstLen, decodedBuf, buflen-3, buf+3) &&
|
||||
base64_decode_final(&ctx)) {
|
||||
Index: squid-4.8/tools/cachemgr.cc
|
||||
===================================================================
|
||||
--- squid-4.8.orig/tools/cachemgr.cc
|
||||
+++ squid-4.8/tools/cachemgr.cc
|
||||
@@ -1103,7 +1103,7 @@ decode_pub_auth(cachemgr_request * req)
|
||||
char *buf = static_cast<char*>(xmalloc(BASE64_DECODE_LENGTH(strlen(req->pub_auth))+1));
|
||||
struct base64_decode_ctx ctx;
|
||||
base64_decode_init(&ctx);
|
||||
- size_t decodedLen = 0;
|
||||
+ size_t decodedLen = BASE64_DECODE_LENGTH(strlen(req->pub_auth))+1;
|
||||
if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(buf), strlen(req->pub_auth), req->pub_auth) ||
|
||||
!base64_decode_final(&ctx)) {
|
||||
debug("cmgr: base64 decode failure. Incomplete auth token string.\n");
|
||||
|
Loading…
Reference in New Issue
Block a user