This appears to have been fixed in Debian nearly six months ago ... http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701123
The fix is at: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10486.patch
Here's the patch, applies cleanly against squid3-3.1.20-1ubuntu3
--- a/tools/cachemgr.cc +++ b/tools/cachemgr.cc @@ -1162,7 +1162,6 @@ { static char buf[1024]; size_t stringLength = 0; - const char *str64;
if (!req->passwd) return ""; @@ -1171,15 +1170,12 @@ req->user_name ? req->user_name : "", req->passwd);
- str64 = base64_encode(buf); - - stringLength += snprintf(buf, sizeof(buf), "Authorization: Basic %s\r\n", str64); + stringLength += snprintf(buf, sizeof(buf), "Authorization: Basic %s\r\n", base64_encode(buf));
assert(stringLength < sizeof(buf));
- snprintf(&buf[stringLength], sizeof(buf) - stringLength, "Proxy-Authorization: Basic %s\r\n", str64); + snprintf(&buf[stringLength], sizeof(buf) - stringLength, "Proxy-Authorization: Basic %s\r\n", base64_encode(buf));
- xxfree(str64); return buf; }
This appears to have been fixed in Debian nearly six months ago ... http:// bugs.debian. org/cgi- bin/bugreport. cgi?bug= 701123
The fix is at: http:// www.squid- cache.org/ Versions/ v3/3.1/ changesets/ squid-3. 1-10486. patch
Here's the patch, applies cleanly against squid3- 3.1.20- 1ubuntu3
--- a/tools/cachemgr.cc
+++ b/tools/cachemgr.cc
@@ -1162,7 +1162,6 @@
{
static char buf[1024];
size_t stringLength = 0;
- const char *str64;
if (!req->passwd)
req->user_ name ? req->user_name : "",
req->passwd) ;
return "";
@@ -1171,15 +1170,12 @@
- str64 = base64_encode(buf); encode( buf));
-
- stringLength += snprintf(buf, sizeof(buf), "Authorization: Basic %s\r\n", str64);
+ stringLength += snprintf(buf, sizeof(buf), "Authorization: Basic %s\r\n", base64_
assert( stringLength < sizeof(buf));
- snprintf( &buf[stringLeng th], sizeof(buf) - stringLength, "Proxy- Authorization: Basic %s\r\n", str64); &buf[stringLeng th], sizeof(buf) - stringLength, "Proxy- Authorization: Basic %s\r\n", base64_ encode( buf));
+ snprintf(
- xxfree(str64);
return buf;
}