Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/squid/patches/bug2902.patch
changeset 163 492ba3a66c6f 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/squid/patches/bug2902.patch	Mon Apr 04 15:06:13 2011 -0700
@@ -0,0 +1,118 @@
+Index: squid-2.7.STABLE9/src/auth/digest/auth_digest.c
+===================================================================
+RCS file: /cvsroot/squid/squid/src/auth/digest/auth_digest.c,v
+retrieving revision 1.23.2.3
+diff -u -p -r1.23.2.3 auth_digest.c
+--- squid-2.7.STABLE9/src/auth/digest/auth_digest.c	7 Mar 2010 16:00:07 -0000	1.23.2.3
++++ squid-2.7.STABLE9/src/auth/digest/auth_digest.c	22 Apr 2010 20:25:39 -0000
+@@ -1315,7 +1315,8 @@ authenticateDigestDecodeAuth(auth_user_r
+     /* do we have a username ? */
+     if (!username || username[0] == '\0') {
+ 	debug(29, 4) ("authenticateDigestDecode: Empty or not present username\n");
+-	return authDigestLogUsername(auth_user_request, username);
++	authDigestLogUsername(auth_user_request, username);
++	return;
+     }
+     /* Sanity check of the username.
+      * " can not be allowed in usernames until * the digest helper protocol
+@@ -1323,28 +1324,33 @@ authenticateDigestDecodeAuth(auth_user_r
+      */
+     if (strchr(username, '"')) {
+ 	debug(29, 2) ("authenticateDigestDecode: Unacceptable username '%s'\n", username);
+-	return authDigestLogUsername(auth_user_request, username);
++	authDigestLogUsername(auth_user_request, username);
++	return;
+     }
+     /* do we have a realm ? */
+     if (!digest_request->realm || digest_request->realm[0] == '\0') {
+ 	debug(29, 2) ("authenticateDigestDecode: Empty or not present realm");
+-	return authDigestLogUsername(auth_user_request, username);
++	authDigestLogUsername(auth_user_request, username);
++	return;
+     }
+     /* and a nonce? */
+     if (!digest_request->nonceb64 || digest_request->nonceb64[0] == '\0') {
+ 	debug(29, 2) ("authenticateDigestDecode: Empty or not present nonce");
+-	return authDigestLogUsername(auth_user_request, username);
++	authDigestLogUsername(auth_user_request, username);
++	return;
+     }
+     /* we can't check the URI just yet. We'll check it in the
+      * authenticate phase, but needs to be given */
+     if (!digest_request->uri || digest_request->uri[0] == '\0') {
+ 	debug(29, 2) ("authenticateDigestDecode: Missing URI field");
+-	return authDigestLogUsername(auth_user_request, username);
++	authDigestLogUsername(auth_user_request, username);
++	return;
+     }
+     /* is the response the correct length? */
+     if (!digest_request->response || strlen(digest_request->response) != 32) {
+ 	debug(29, 2) ("authenticateDigestDecode: Response length invalid\n");
+-	return authDigestLogUsername(auth_user_request, username);
++	authDigestLogUsername(auth_user_request, username);
++	return;
+     }
+     /* check the algorithm is present and supported */
+     if (!digest_request->algorithm)
+@@ -1352,7 +1358,8 @@ authenticateDigestDecodeAuth(auth_user_r
+     else if (strcmp(digest_request->algorithm, "MD5")
+ 	&& strcmp(digest_request->algorithm, "MD5-sess")) {
+ 	debug(29, 2) ("authenticateDigestDecode: invalid algorithm specified!\n");
+-	return authDigestLogUsername(auth_user_request, username);
++	authDigestLogUsername(auth_user_request, username);
++	return;
+     }
+     /* 2617 requirements, indicated by qop */
+     if (digest_request->qop) {
+@@ -1361,23 +1368,27 @@ authenticateDigestDecodeAuth(auth_user_r
+ 	if (strcmp(digest_request->qop, QOP_AUTH) != 0) {
+ 	    /* we received a qop option we didn't send */
+ 	    debug(29, 2) ("authenticateDigestDecode: Invalid qop option received\n");
+-	    return authDigestLogUsername(auth_user_request, username);
++	    authDigestLogUsername(auth_user_request, username);
++	    return;
+ 	}
+ 	/* check cnonce */
+ 	if (!digest_request->cnonce || digest_request->cnonce[0] == '\0') {
+ 	    debug(29, 2) ("authenticateDigestDecode: Missing cnonce field\n");
+-	    return authDigestLogUsername(auth_user_request, username);
++	    authDigestLogUsername(auth_user_request, username);
++	    return;
+ 	}
+ 	/* check nc */
+ 	if (strlen(digest_request->nc) != 8 || strspn(digest_request->nc, "0123456789abcdefABCDEF") != 8) {
+ 	    debug(29, 2) ("authenticateDigestDecode: invalid nonce count\n");
+-	    return authDigestLogUsername(auth_user_request, username);
++	    authDigestLogUsername(auth_user_request, username);
++	    return;
+ 	}
+     } else {
+ 	/* cnonce and nc both require qop */
+ 	if (digest_request->cnonce || digest_request->nc) {
+ 	    debug(29, 2) ("authenticateDigestDecode: missing qop!\n");
+-	    return authDigestLogUsername(auth_user_request, username);
++	    authDigestLogUsername(auth_user_request, username);
++	    return;
+ 	}
+     }
+ 
+@@ -1389,7 +1400,8 @@ authenticateDigestDecodeAuth(auth_user_r
+ 	/* we couldn't find a matching nonce! */
+ 	debug(29, 2) ("authenticateDigestDecode: Unexpected or invalid nonce received\n");
+ 	digest_request->flags.credentials_ok = 3;
+-	return authDigestLogUsername(auth_user_request, username);
++	authDigestLogUsername(auth_user_request, username);
++	return;
+     }
+     digest_request->nonce = nonce;
+     authDigestNonceLink(nonce);
+@@ -1397,7 +1409,8 @@ authenticateDigestDecodeAuth(auth_user_r
+     /* check that we're not being hacked / the username hasn't changed */
+     if (nonce->auth_user && strcmp(username, authenticateUserUsername(nonce->auth_user))) {
+ 	debug(29, 2) ("authenticateDigestDecode: Username for the nonce does not equal the username for the request\n");
+-	return authDigestLogUsername(auth_user_request, username);
++	authDigestLogUsername(auth_user_request, username);
++	return;
+     }
+     /* the method we'll check at the authenticate step as well */
+
upstream/oracle/userland-gate