From 32f4bda8087a7b6302fd5ba9bcc908d5cb1fe614 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Tue, 18 May 2021 02:50:33 -0400
Subject: [PATCH] import squid-4.11-4.module+el8.4.0+9038+276d2d9f

---
 .../squid-4.11-cache-mgr-auth-strdup.patch    | 27 +++++++++++++++++++
 SPECS/squid.spec                              |  9 ++++++-
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 SOURCES/squid-4.11-cache-mgr-auth-strdup.patch

diff --git a/SOURCES/squid-4.11-cache-mgr-auth-strdup.patch b/SOURCES/squid-4.11-cache-mgr-auth-strdup.patch
new file mode 100644
index 0000000..88c903e
--- /dev/null
+++ b/SOURCES/squid-4.11-cache-mgr-auth-strdup.patch
@@ -0,0 +1,27 @@
+diff --git a/tools/cachemgr.cc b/tools/cachemgr.cc
+index 36d8e38..50bb9b6 100644
+--- a/tools/cachemgr.cc
++++ b/tools/cachemgr.cc
+@@ -1092,14 +1092,20 @@ make_pub_auth(cachemgr_request * req)
+     if (!req->passwd || !strlen(req->passwd))
+         return;
+ 
++    auto *rfc1738_username = xstrdup(rfc1738_escape(safe_str(req->user_name)));
++    auto *rfc1738_passwd = xstrdup(rfc1738_escape(req->passwd));
++
+     /* host | time | user | passwd */
+     const int bufLen = snprintf(buf, sizeof(buf), "%s|%d|%s|%s",
+                                 req->hostname,
+                                 (int) now,
+-                                rfc1738_escape(safe_str(req->user_name)),
+-                                rfc1738_escape(req->passwd));
++                                rfc1738_username,
++                                rfc1738_passwd);
+     debug("cmgr: pre-encoded for pub: %s\n", buf);
+ 
++    safe_free(rfc1738_username);
++    safe_free(rfc1738_passwd);
++
+     const int encodedLen = base64_encode_len(bufLen);
+     req->pub_auth = (char *) xmalloc(encodedLen);
+     struct base64_encode_ctx ctx;
diff --git a/SPECS/squid.spec b/SPECS/squid.spec
index 597f1a1..af20506 100644
--- a/SPECS/squid.spec
+++ b/SPECS/squid.spec
@@ -2,7 +2,7 @@
 
 Name:     squid
 Version:  4.11
-Release:  3%{?dist}
+Release:  4%{?dist}
 Summary:  The Squid proxy caching server
 Epoch:    7
 # See CREDITS for breakdown of non GPLv2+ code
@@ -36,6 +36,8 @@ Patch206: squid-4.11-active-ftp.patch
 # https://github.com/squid-cache/squid/commit/c26cd1cb6a60ff196ef13c00e82576d3bfeb2e30
 Patch207: squid-4.11-systemd.patch
 Patch208: squid-4.11-convert-ipv4.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=1890606
+Patch209: squid-4.11-cache-mgr-auth-strdup.patch
 
 # Security fixes
 # https://bugzilla.redhat.com/show_bug.cgi?id=1852554
@@ -109,6 +111,7 @@ lookup program (dnsserver), a program for retrieving FTP data
 %patch206 -p1 -b .active-ftp
 %patch207 -p1 -b .systemd
 %patch208 -p1 -R -b .convert-ipv4
+%patch209 -p1 -b .cachemgr-strdup
 
 # Security patches
 %patch500 -p1 -b .cve-2020-14058
@@ -332,6 +335,10 @@ fi
 
 
 %changelog
+* Mon Oct 26 2020 Lubos Uhliarik <luhliari@redhat.com> - 7:4.11-4
+- Resolves: #1890606 - Fix for CVE 2019-13345 breaks authentication in
+  cachemgr.cgi
+
 * Wed Aug 26 2020 Lubos Uhliarik <luhliari@redhat.com> - 7:4.11-3
 - Resolves: #1871705 - CVE-2020-24606 squid: Improper Input Validation could
   result in a DoS