------------------------------------------------------------
revno: 13940
revision-id: squid3@treenet.co.nz-20151027224824-c5bn5e1ja1g854tl
parent: squid3@treenet.co.nz-20151027224721-a4vk8jgsweso2m7z
author: Aymeric Vincent <aymericvincent@free.fr>
committer: Amos Jeffries <squid3@treenet.co.nz>
branch nick: 3.5
timestamp: Tue 2015-10-27 15:48:24 -0700
message:
  Fix incorrect authentication headers on cache digest requests
  
    login=NEGOTIATE can have an additional parameter specified,
     like login=NEGOTIATE:xxx
  
  One test added in rev.12714 does not take this case into account and it
  will send a garbage "login:password" (== "NEGOTIATE:xxx") to its peer
  when requesting a digest.
  
  This is a workaround patch to remove the broken Authentication headers
  entirely. Support for Negotiate to the peer on these digest requests is
  still needed.
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20151027224824-c5bn5e1ja1g854tl
# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
# testament_sha1: 2f0bf465f8bdbb9acc10f86d81cfccfffb641f5e
# timestamp: 2015-10-27 22:51:11 +0000
# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
# base_revision_id: squid3@treenet.co.nz-20151027224721-\
#   a4vk8jgsweso2m7z
# 
# Begin patch
=== modified file 'src/peer_digest.cc'
--- src/peer_digest.cc	2015-01-13 09:13:49 +0000
+++ src/peer_digest.cc	2015-10-27 22:48:24 +0000
@@ -312,7 +312,7 @@
             p->login[0] != '*' &&
             strcmp(p->login, "PASS") != 0 &&
             strcmp(p->login, "PASSTHRU") != 0 &&
-            strcmp(p->login, "NEGOTIATE") != 0 &&
+            strncmp(p->login, "NEGOTIATE",9) != 0 &&
             strcmp(p->login, "PROXYPASS") != 0) {
         xstrncpy(req->login, p->login, MAX_LOGIN_SZ);
     }