[squid-users] Debian Buster, Squid 4.6-1 amd64, "Too few negotiateauthenticator processes are running"

James Zuelow James.Zuelow at juneau.org
Mon Jul 15 23:54:30 UTC 2019


> On 7/15/19 3:11 PM, James Zuelow wrote:
> 
> > how could I go about confirming the presence of bug 4936 in the
> > current Debian stable version of Squid?
> 
> If you want to be sure, get the source code version of the Debian Squid
> package (with all the Debian patches applied) and check whether
> src/auth/negotiate/wrapper/negotiate_wrapper.cc still contains the buggy
> code. See the Squid bug report description[1] for the pattern to look for (or
> post a link to the source file here so that others can check).
> 
> [1] https://bugs.squid-cache.org/show_bug.cgi?id=4936#c0
> 
> Alex.

Thank you!

I believe the Debian source code is here:  http://deb.debian.org/debian/pool/main/s/squid/squid_4.6.orig.tar.gz
With the patches included in this file here:  http://deb.debian.org/debian/pool/main/s/squid/squid_4.6-1.debian.tar.xz 

None of the patches appear to modify negotiate_wrapper.cc.

When I glance through negotiate_wrapper.cc I find something slightly different from either form of the bug report.  The Debian code has a buf+3 construct.

Debian:

(line 182)
length = BASE64_DECODE_LENGTH(strlen(buf+3));

and 

(line 196)
        if (!base64_decode_update(&ctx, &dstLen, token, strlen(buf+3), buf+3) ||
                !base64_decode_final(&ctx)) {
            if (debug_enabled)
                fprintf(stderr, "%s| %s: Invalid base64 token [%s]\n", LogTime(), PROGRAM, buf+3);
            fprintf(stdout, "BH Invalid negotiate request token\n");
            continue;
        }

(I only have a very basic knowledge of C++, so I could be looking at the wrong things completely.)

Thanks,

James



More information about the squid-users mailing list