Hello community, here is the log from the commit of package squid for openSUSE:Factory checked in at 2019-08-08 14:23:33 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/squid (Old) and /work/SRC/openSUSE:Factory/.squid.new.9556 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "squid" Thu Aug 8 14:23:33 2019 rev:74 rq:721533 version:4.8 Changes: -------- --- /work/SRC/openSUSE:Factory/squid/squid.changes 2019-07-26 12:42:21.813855718 +0200 +++ /work/SRC/openSUSE:Factory/.squid.new.9556/squid.changes 2019-08-08 14:23:35.484347350 +0200 @@ -1,0 +2,6 @@ +Tue Aug 6 13:05:58 UTC 2019 - Adam Majer <[email protected]> + +- fix_configuration_error.patch: Fix compilation with -Wreturn-type +- old_nettle_compat.patch: Update to actually use older version + +------------------------------------------------------------------- New: ---- fix_configuration_error.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ squid.spec ++++++ --- /var/tmp/diff_new_pack.G3Iezs/_old 2019-08-08 14:23:36.224347237 +0200 +++ /var/tmp/diff_new_pack.G3Iezs/_new 2019-08-08 14:23:36.224347237 +0200 @@ -40,6 +40,7 @@ Source17: tmpfilesdir.squid.conf Patch1: missing_installs.patch Patch2: old_nettle_compat.patch +Patch3: fix_configuration_error.patch BuildRequires: cppunit-devel BuildRequires: db-devel BuildRequires: ed @@ -92,6 +93,7 @@ %if %{suse_version} < 1500 %patch2 -p1 %endif +%patch3 -p1 %build %define _lto_cflags %{nil} ++++++ fix_configuration_error.patch ++++++ Fix warnings that result in build failures with -Wreturn-type errors error: no return statement in function returning non-void warning: 'conv' defined but not used 202 | static struct pam_conv conv = { &password_conversation, 0 }; | ^~~~ cc1plus: some warnings being treated as errors Index: squid-4.8/acinclude/pam.m4 =================================================================== --- squid-4.8.orig/acinclude/pam.m4 +++ squid-4.8/acinclude/pam.m4 @@ -21,7 +21,7 @@ AC_DEFUN([CHECK_STRUCT_PAM_CONV], [ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <security/pam_appl.h> static int -password_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) {} +password_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) { return 0; } static struct pam_conv conv = { &password_conversation, 0 }; ]])], [ squid_cv_pam_conv_signature=linux @@ -29,7 +29,7 @@ static struct pam_conv conv = { &passwor AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <security/pam_appl.h> static int -password_conversation(int num_msg, struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) {} +password_conversation(int num_msg, struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) { return 0; } static struct pam_conv conv = { &password_conversation, 0 }; ]])], [ squid_cv_pam_conv_signature=solaris ++++++ old_nettle_compat.patch ++++++ --- /var/tmp/diff_new_pack.G3Iezs/_old 2019-08-08 14:23:36.284347227 +0200 +++ /var/tmp/diff_new_pack.G3Iezs/_new 2019-08-08 14:23:36.284347227 +0200 @@ -19,28 +19,32 @@ =================================================================== --- squid-4.8.orig/src/HttpHeader.cc +++ squid-4.8/src/HttpHeader.cc -@@ -1301,7 +1301,7 @@ HttpHeader::getAuthToken(Http::HdrType i +@@ -1301,8 +1301,8 @@ HttpHeader::getAuthToken(Http::HdrType i char *decodedAuthToken = result.rawAppendStart(BASE64_DECODE_LENGTH(fieldLen)); struct base64_decode_ctx ctx; base64_decode_init(&ctx); - size_t decodedLen = 0; -+ size_t decodedLen = BASE64_DECODE_LENGTH(fieldLen); - if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(decodedAuthToken), fieldLen, field) || +- if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(decodedAuthToken), fieldLen, field) || ++ unsigned decodedLen = BASE64_DECODE_LENGTH(fieldLen); ++ if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(decodedAuthToken), fieldLen, (uint8_t*)field) || !base64_decode_final(&ctx)) { return nil; + } Index: squid-4.8/src/auth/basic/Config.cc =================================================================== --- squid-4.8.orig/src/auth/basic/Config.cc +++ squid-4.8/src/auth/basic/Config.cc -@@ -176,7 +176,7 @@ Auth::Basic::Config::decodeCleartext(con +@@ -176,8 +176,8 @@ Auth::Basic::Config::decodeCleartext(con struct base64_decode_ctx ctx; base64_decode_init(&ctx); - size_t dstLen = 0; -+ size_t dstLen = BASE64_DECODE_LENGTH(srcLen)+1; - if (base64_decode_update(&ctx, &dstLen, reinterpret_cast<uint8_t*>(cleartext), srcLen, eek) && base64_decode_final(&ctx)) { +- if (base64_decode_update(&ctx, &dstLen, reinterpret_cast<uint8_t*>(cleartext), srcLen, eek) && base64_decode_final(&ctx)) { ++ unsigned int dstLen = BASE64_DECODE_LENGTH(srcLen)+1; ++ if (base64_decode_update(&ctx, &dstLen, reinterpret_cast<uint8_t*>(cleartext), srcLen, (const uint8_t*)eek) && base64_decode_final(&ctx)) { cleartext[dstLen] = '\0'; + /* Index: squid-4.8/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc =================================================================== --- squid-4.8.orig/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc @@ -57,41 +61,70 @@ =================================================================== --- squid-4.8.orig/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc +++ squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc -@@ -681,7 +681,7 @@ main(int argc, char *const argv[]) +@@ -681,8 +681,8 @@ main(int argc, char *const argv[]) struct base64_decode_ctx ctx; base64_decode_init(&ctx); - size_t dstLen = 0; -+ size_t dstLen = BASE64_DECODE_LENGTH(srcLen); - if (!base64_decode_update(&ctx, &dstLen, static_cast<uint8_t*>(input_token.value), srcLen, b64Token) || +- if (!base64_decode_update(&ctx, &dstLen, static_cast<uint8_t*>(input_token.value), srcLen, b64Token) || ++ unsigned dstLen = BASE64_DECODE_LENGTH(srcLen); ++ if (!base64_decode_update(&ctx, &dstLen, static_cast<uint8_t*>(input_token.value), srcLen, (const uint8_t*)b64Token) || !base64_decode_final(&ctx)) { debug((char *) "%s| %s: ERROR: Invalid base64 token [%s]\n", LogTime(), PROGRAM, b64Token); + fprintf(stdout, "BH Invalid negotiate request token\n"); +@@ -743,8 +743,8 @@ main(int argc, char *const argv[]) + } + struct base64_encode_ctx tokCtx; + base64_encode_init(&tokCtx); +- size_t blen = base64_encode_update(&tokCtx, token, spnegoTokenLength, reinterpret_cast<const uint8_t*>(spnegoToken)); +- blen += base64_encode_final(&tokCtx, token+blen); ++ size_t blen = base64_encode_update(&tokCtx, (uint8_t*)token, spnegoTokenLength, reinterpret_cast<const uint8_t*>(spnegoToken)); ++ blen += base64_encode_final(&tokCtx, (uint8_t*)token+blen); + token[blen] = '\0'; + + if (check_gss_err(major_status, minor_status, "gss_accept_sec_context()", log, 1)) Index: squid-4.8/src/auth/negotiate/wrapper/negotiate_wrapper.cc =================================================================== --- squid-4.8.orig/src/auth/negotiate/wrapper/negotiate_wrapper.cc +++ squid-4.8/src/auth/negotiate/wrapper/negotiate_wrapper.cc -@@ -192,7 +192,7 @@ processingLoop(FILE *FDKIN, FILE *FDKOUT +@@ -192,8 +192,8 @@ processingLoop(FILE *FDKIN, FILE *FDKOUT struct base64_decode_ctx ctx; base64_decode_init(&ctx); - size_t dstLen = 0; -+ size_t dstLen = length+1; - if (!base64_decode_update(&ctx, &dstLen, token, strlen(buf+3), buf+3) || +- if (!base64_decode_update(&ctx, &dstLen, token, strlen(buf+3), buf+3) || ++ unsigned dstLen = length+1; ++ if (!base64_decode_update(&ctx, &dstLen, token, strlen(buf+3), (const uint8_t*)buf+3) || !base64_decode_final(&ctx)) { if (debug_enabled) + fprintf(stderr, "%s| %s: Invalid base64 token [%s]\n", LogTime(), PROGRAM, buf+3); Index: squid-4.8/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc =================================================================== --- squid-4.8.orig/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc +++ squid-4.8/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc -@@ -517,7 +517,7 @@ manage_request() +@@ -203,8 +203,8 @@ make_challenge(char *domain, char *domai + + struct base64_encode_ctx ctx; + base64_encode_init(&ctx); +- size_t blen = base64_encode_update(&ctx, b64buf, len, reinterpret_cast<const uint8_t *>(&chal)); +- blen += base64_encode_final(&ctx, b64buf+blen); ++ size_t blen = base64_encode_update(&ctx, (uint8_t*)b64buf, len, reinterpret_cast<const uint8_t *>(&chal)); ++ blen += base64_encode_final(&ctx, (uint8_t*)b64buf+blen); + b64buf[blen] = '\0'; + return b64buf; + } +@@ -516,9 +516,9 @@ manage_request() + /* figure out what we got */ struct base64_decode_ctx ctx; base64_decode_init(&ctx); - size_t dstLen = 0; -- int decodedLen = 0; -+ int decodedLen = NTLM_BLOB_BUFFER_SIZE; - if (!base64_decode_update(&ctx, &dstLen, reinterpret_cast<uint8_t*>(decoded), strlen(buf)-3, buf+3) || +- size_t dstLen = 0; ++ unsigned dstLen = NTLM_BLOB_BUFFER_SIZE; + int decodedLen = 0; +- if (!base64_decode_update(&ctx, &dstLen, reinterpret_cast<uint8_t*>(decoded), strlen(buf)-3, buf+3) || ++ if (!base64_decode_update(&ctx, &dstLen, reinterpret_cast<uint8_t*>(decoded), strlen(buf)-3, (const uint8_t*)buf+3) || !base64_decode_final(&ctx)) { SEND("NA Packet format error, couldn't base64-decode"); + return; Index: squid-4.8/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc =================================================================== --- squid-4.8.orig/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc @@ -108,25 +141,298 @@ =================================================================== --- squid-4.8.orig/src/auth/ntlm/fake/ntlm_fake_auth.cc +++ squid-4.8/src/auth/ntlm/fake/ntlm_fake_auth.cc -@@ -153,7 +153,7 @@ main(int argc, char *argv[]) +@@ -153,9 +153,9 @@ main(int argc, char *argv[]) ntlmhdr *packet; struct base64_decode_ctx ctx; base64_decode_init(&ctx); - size_t dstLen = 0; -+ size_t dstLen = HELPER_INPUT_BUFFER; ++ unsigned dstLen = HELPER_INPUT_BUFFER; if (buflen > 3 && - base64_decode_update(&ctx, &dstLen, decodedBuf, buflen-3, buf+3) && +- base64_decode_update(&ctx, &dstLen, decodedBuf, buflen-3, buf+3) && ++ base64_decode_update(&ctx, &dstLen, decodedBuf, buflen-3, (const uint8_t*)buf+3) && base64_decode_final(&ctx)) { + decodedLen = dstLen; + packet = (ntlmhdr*)decodedBuf; +@@ -190,8 +190,8 @@ main(int argc, char *argv[]) + struct base64_encode_ctx eCtx; + base64_encode_init(&eCtx); + char *data = static_cast<char *>(xcalloc(base64_encode_len(len), 1)); +- size_t blen = base64_encode_update(&eCtx, data, len, reinterpret_cast<const uint8_t *>(&chal)); +- blen += base64_encode_final(&eCtx, data+blen); ++ size_t blen = base64_encode_update(&eCtx, (uint8_t*)data, len, reinterpret_cast<const uint8_t *>(&chal)); ++ blen += base64_encode_final(&eCtx, (uint8_t*)data+blen); + if (NTLM_packet_debug_enabled) { + printf("TT %.*s\n", (int)blen, data); + debug("sending 'TT' to squid with data:\n"); Index: squid-4.8/tools/cachemgr.cc =================================================================== --- squid-4.8.orig/tools/cachemgr.cc +++ squid-4.8/tools/cachemgr.cc -@@ -1103,7 +1103,7 @@ decode_pub_auth(cachemgr_request * req) +@@ -1082,8 +1082,8 @@ make_pub_auth(cachemgr_request * req) + req->pub_auth = (char *) xmalloc(encodedLen); + struct base64_encode_ctx ctx; + base64_encode_init(&ctx); +- size_t blen = base64_encode_update(&ctx, req->pub_auth, bufLen, reinterpret_cast<uint8_t*>(buf)); +- blen += base64_encode_final(&ctx, req->pub_auth + blen); ++ size_t blen = base64_encode_update(&ctx, (uint8_t*)req->pub_auth, bufLen, reinterpret_cast<uint8_t*>(buf)); ++ blen += base64_encode_final(&ctx, (uint8_t*)req->pub_auth + blen); + req->pub_auth[blen] = '\0'; + debug("cmgr: encoded: '%s'\n", req->pub_auth); + } +@@ -1103,8 +1103,8 @@ decode_pub_auth(cachemgr_request * req) char *buf = static_cast<char*>(xmalloc(BASE64_DECODE_LENGTH(strlen(req->pub_auth))+1)); struct base64_decode_ctx ctx; base64_decode_init(&ctx); - size_t decodedLen = 0; -+ size_t decodedLen = BASE64_DECODE_LENGTH(strlen(req->pub_auth))+1; - if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(buf), strlen(req->pub_auth), req->pub_auth) || +- if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(buf), strlen(req->pub_auth), req->pub_auth) || ++ unsigned decodedLen = BASE64_DECODE_LENGTH(strlen(req->pub_auth))+1; ++ if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(buf), strlen(req->pub_auth), (uint8_t*)req->pub_auth) || !base64_decode_final(&ctx)) { debug("cmgr: base64 decode failure. Incomplete auth token string.\n"); + xfree(buf); +@@ -1197,8 +1197,8 @@ make_auth_header(const cachemgr_request + char *str64 = static_cast<char *>(xmalloc(encodedLen)); + struct base64_encode_ctx ctx; + base64_encode_init(&ctx); +- size_t blen = base64_encode_update(&ctx, str64, bufLen, reinterpret_cast<uint8_t*>(buf)); +- blen += base64_encode_final(&ctx, str64+blen); ++ size_t blen = base64_encode_update(&ctx, (uint8_t*)str64, bufLen, reinterpret_cast<uint8_t*>(buf)); ++ blen += base64_encode_final(&ctx, (uint8_t*)str64+blen); + str64[blen] = '\0'; + + stringLength += snprintf(buf, sizeof(buf), "Authorization: Basic %.*s\r\n", (int)blen, str64); +Index: squid-4.8/include/base64.h +=================================================================== +--- squid-4.8.orig/include/base64.h ++++ squid-4.8/include/base64.h +@@ -9,11 +9,11 @@ + #ifndef _SQUID_BASE64_H + #define _SQUID_BASE64_H + +-#if HAVE_NETTLE_BASE64_H && HAVE_NETTLE34_BASE64 ++#if HAVE_NETTLE_BASE64_H + #include <nettle/base64.h> + + #else /* Base64 functions copied from Nettle 3.4 under GPLv2, with adjustments */ +- ++#error "Mssing libnettle-devel" + /* base64.h + + Base-64 encoding and decoding. +Index: squid-4.8/lib/base64.c +=================================================================== +--- squid-4.8.orig/lib/base64.c ++++ squid-4.8/lib/base64.c +@@ -13,7 +13,7 @@ + #include "squid.h" + #include "base64.h" + +-#if !HAVE_NETTLE_BASE64_H || !HAVE_NETTLE34_BASE64 ++#if !HAVE_NETTLE_BASE64_H + + /* base64-encode.c + +Index: squid-4.8/src/format/Format.cc +=================================================================== +--- squid-4.8.orig/src/format/Format.cc ++++ squid-4.8/src/format/Format.cc +@@ -557,8 +557,8 @@ Format::Format::assemble(MemBuf &mb, con + + struct base64_encode_ctx ctx; + base64_encode_init(&ctx); +- auto encLength = base64_encode_update(&ctx, buf, rawLength, reinterpret_cast<const uint8_t*>(handshake.rawContent())); +- encLength += base64_encode_final(&ctx, buf + encLength); ++ auto encLength = base64_encode_update(&ctx, (uint8_t*)buf, rawLength, reinterpret_cast<const uint8_t*>(handshake.rawContent())); ++ encLength += base64_encode_final(&ctx, (uint8_t*)buf + encLength); + + sb.rawAppendFinish(buf, encLength); + out = sb.c_str(); +Index: squid-4.8/src/auth/digest/Config.cc +=================================================================== +--- squid-4.8.orig/src/auth/digest/Config.cc ++++ squid-4.8/src/auth/digest/Config.cc +@@ -111,8 +111,8 @@ authDigestNonceEncode(digest_nonce_h * n + nonce->key = xcalloc(base64_encode_len(sizeof(digest_nonce_data)), 1); + struct base64_encode_ctx ctx; + base64_encode_init(&ctx); +- size_t blen = base64_encode_update(&ctx, reinterpret_cast<char*>(nonce->key), sizeof(digest_nonce_data), reinterpret_cast<const uint8_t*>(&(nonce->noncedata))); +- blen += base64_encode_final(&ctx, reinterpret_cast<char*>(nonce->key)+blen); ++ size_t blen = base64_encode_update(&ctx, (uint8_t*)nonce->key, sizeof(digest_nonce_data), (uint8_t*)&(nonce->noncedata)); ++ blen += base64_encode_final(&ctx, ((uint8_t*)(nonce->key))+blen); + } + + digest_nonce_h * +Index: squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc +=================================================================== +--- squid-4.8.orig/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc ++++ squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc +@@ -203,8 +203,8 @@ squid_kerb_proxy_auth(char *proxy) + token = (char *) xcalloc(base64_encode_len(output_token.length), 1); + struct base64_encode_ctx ctx; + base64_encode_init(&ctx); +- size_t blen = base64_encode_update(&ctx, token, output_token.length, reinterpret_cast<const uint8_t*>(output_token.value)); +- blen += base64_encode_final(&ctx, token+blen); ++ size_t blen = base64_encode_update(&ctx, (uint8_t*)token, output_token.length, reinterpret_cast<const uint8_t*>(output_token.value)); ++ blen += base64_encode_final(&ctx, (uint8_t*)token+blen); + } + } + +Index: squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc +=================================================================== +--- squid-4.8.orig/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc ++++ squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc +@@ -245,8 +245,8 @@ getdomaingids(char *ad_groups, uint32_t + base64_encode_init(&ctx); + const uint32_t expectedSz = base64_encode_len(length+4) +1 /* terminator */; + char *b64buf = static_cast<char *>(xcalloc(expectedSz, 1)); +- size_t blen = base64_encode_update(&ctx, b64buf, length+4, reinterpret_cast<uint8_t*>(ag)); +- blen += base64_encode_final(&ctx, b64buf+blen); ++ size_t blen = base64_encode_update(&ctx, (uint8_t*)b64buf, length+4, reinterpret_cast<uint8_t*>(ag)); ++ blen += base64_encode_final(&ctx, (uint8_t*)b64buf+blen); + b64buf[expectedSz-1] = '\0'; + if (!pstrcat(ad_groups, b64buf)) { + debug((char *) "%s| %s: WARN: Too many groups ! size > %d : %s\n", +@@ -334,8 +334,8 @@ getextrasids(char *ad_groups, uint32_t E + base64_encode_init(&ctx); + const uint32_t expectedSz = base64_encode_len(length) +1 /* terminator */; + char *b64buf = static_cast<char *>(xcalloc(expectedSz, 1)); +- size_t blen = base64_encode_update(&ctx, b64buf, length, reinterpret_cast<uint8_t*>(ag)); +- blen += base64_encode_final(&ctx, b64buf+blen); ++ size_t blen = base64_encode_update(&ctx, (uint8_t*)b64buf, length, reinterpret_cast<uint8_t*>(ag)); ++ blen += base64_encode_final(&ctx, (uint8_t*)b64buf+blen); + b64buf[expectedSz-1] = '\0'; + if (!pstrcat(ad_groups, reinterpret_cast<char*>(b64buf))) { + debug((char *) "%s| %s: WARN: Too many groups ! size > %d : %s\n", +Index: squid-4.8/src/adaptation/icap/ModXact.cc +=================================================================== +--- squid-4.8.orig/src/adaptation/icap/ModXact.cc ++++ squid-4.8/src/adaptation/icap/ModXact.cc +@@ -1369,10 +1369,10 @@ void Adaptation::Icap::ModXact::makeRequ + struct base64_encode_ctx ctx; + base64_encode_init(&ctx); + char base64buf[base64_encode_len(MAX_LOGIN_SZ)]; +- size_t resultLen = base64_encode_update(&ctx, base64buf, request->extacl_user.size(), reinterpret_cast<const uint8_t*>(request->extacl_user.rawBuf())); +- resultLen += base64_encode_update(&ctx, base64buf+resultLen, 1, reinterpret_cast<const uint8_t*>(":")); +- resultLen += base64_encode_update(&ctx, base64buf+resultLen, request->extacl_passwd.size(), reinterpret_cast<const uint8_t*>(request->extacl_passwd.rawBuf())); +- resultLen += base64_encode_final(&ctx, base64buf+resultLen); ++ size_t resultLen = base64_encode_update(&ctx, (uint8_t*)base64buf, request->extacl_user.size(), reinterpret_cast<const uint8_t*>(request->extacl_user.rawBuf())); ++ resultLen += base64_encode_update(&ctx, (uint8_t*)base64buf+resultLen, 1, reinterpret_cast<const uint8_t*>(":")); ++ resultLen += base64_encode_update(&ctx, (uint8_t*)base64buf+resultLen, request->extacl_passwd.size(), reinterpret_cast<const uint8_t*>(request->extacl_passwd.rawBuf())); ++ resultLen += base64_encode_final(&ctx, (uint8_t*)base64buf+resultLen); + buf.appendf("Proxy-Authorization: Basic %.*s\r\n", (int)resultLen, base64buf); + } + +@@ -1529,8 +1529,8 @@ void Adaptation::Icap::ModXact::makeUser + if (value) { + if (TheConfig.client_username_encode) { + char base64buf[base64_encode_len(MAX_LOGIN_SZ)]; +- size_t resultLen = base64_encode_update(&ctx, base64buf, strlen(value), reinterpret_cast<const uint8_t*>(value)); +- resultLen += base64_encode_final(&ctx, base64buf+resultLen); ++ size_t resultLen = base64_encode_update(&ctx, (uint8_t*)base64buf, strlen(value), reinterpret_cast<const uint8_t*>(value)); ++ resultLen += base64_encode_final(&ctx, (uint8_t*)base64buf+resultLen); + buf.appendf("%s: %.*s\r\n", TheConfig.client_username_header, (int)resultLen, base64buf); + } else + buf.appendf("%s: %s\r\n", TheConfig.client_username_header, value); +Index: squid-4.8/src/http.cc +=================================================================== +--- squid-4.8.orig/src/http.cc ++++ squid-4.8/src/http.cc +@@ -1697,9 +1697,9 @@ httpFixupAuthentication(HttpRequest * re + username = request->auth_user_request->username(); + #endif + +- blen = base64_encode_update(&ctx, loginbuf, strlen(username), reinterpret_cast<const uint8_t*>(username)); +- blen += base64_encode_update(&ctx, loginbuf+blen, strlen(request->peer_login +1), reinterpret_cast<const uint8_t*>(request->peer_login +1)); +- blen += base64_encode_final(&ctx, loginbuf+blen); ++ blen = base64_encode_update(&ctx, (uint8_t*)loginbuf, strlen(username), reinterpret_cast<const uint8_t*>(username)); ++ blen += base64_encode_update(&ctx, (uint8_t*)loginbuf+blen, strlen(request->peer_login +1), reinterpret_cast<const uint8_t*>(request->peer_login +1)); ++ blen += base64_encode_final(&ctx, (uint8_t*)loginbuf+blen); + httpHeaderPutStrf(hdr_out, header, "Basic %.*s", (int)blen, loginbuf); + return; + } +@@ -1709,10 +1709,10 @@ httpFixupAuthentication(HttpRequest * re + (strcmp(request->peer_login, "PASS") == 0 || + strcmp(request->peer_login, "PROXYPASS") == 0)) { + +- blen = base64_encode_update(&ctx, loginbuf, request->extacl_user.size(), reinterpret_cast<const uint8_t*>(request->extacl_user.rawBuf())); +- blen += base64_encode_update(&ctx, loginbuf+blen, 1, reinterpret_cast<const uint8_t*>(":")); +- blen += base64_encode_update(&ctx, loginbuf+blen, request->extacl_passwd.size(), reinterpret_cast<const uint8_t*>(request->extacl_passwd.rawBuf())); +- blen += base64_encode_final(&ctx, loginbuf+blen); ++ blen = base64_encode_update(&ctx, (uint8_t*)loginbuf, request->extacl_user.size(), reinterpret_cast<const uint8_t*>(request->extacl_user.rawBuf())); ++ blen += base64_encode_update(&ctx, (uint8_t*)loginbuf+blen, 1, reinterpret_cast<const uint8_t*>(":")); ++ blen += base64_encode_update(&ctx, (uint8_t*)loginbuf+blen, request->extacl_passwd.size(), reinterpret_cast<const uint8_t*>(request->extacl_passwd.rawBuf())); ++ blen += base64_encode_final(&ctx, (uint8_t*)loginbuf+blen); + httpHeaderPutStrf(hdr_out, header, "Basic %.*s", (int)blen, loginbuf); + return; + } +@@ -1741,8 +1741,8 @@ httpFixupAuthentication(HttpRequest * re + } + #endif /* HAVE_KRB5 && HAVE_GSSAPI */ + +- blen = base64_encode_update(&ctx, loginbuf, strlen(request->peer_login), reinterpret_cast<const uint8_t*>(request->peer_login)); +- blen += base64_encode_final(&ctx, loginbuf+blen); ++ blen = base64_encode_update(&ctx, (uint8_t*)loginbuf, strlen(request->peer_login), reinterpret_cast<const uint8_t*>(request->peer_login)); ++ blen += base64_encode_final(&ctx, (uint8_t*)loginbuf+blen); + httpHeaderPutStrf(hdr_out, header, "Basic %.*s", (int)blen, loginbuf); + return; + } +@@ -1869,8 +1869,8 @@ HttpStateData::httpBuildRequestHeader(Ht + static char result[base64_encode_len(MAX_URL*2)]; // should be big enough for a single URI segment + struct base64_encode_ctx ctx; + base64_encode_init(&ctx); +- size_t blen = base64_encode_update(&ctx, result, request->url.userInfo().length(), reinterpret_cast<const uint8_t*>(request->url.userInfo().rawContent())); +- blen += base64_encode_final(&ctx, result+blen); ++ size_t blen = base64_encode_update(&ctx, (uint8_t*)result, request->url.userInfo().length(), reinterpret_cast<const uint8_t*>(request->url.userInfo().rawContent())); ++ blen += base64_encode_final(&ctx, (uint8_t*)result+blen); + result[blen] = '\0'; + if (blen) + httpHeaderPutStrf(hdr_out, Http::HdrType::AUTHORIZATION, "Basic %.*s", (int)blen, result); +Index: squid-4.8/src/peer_proxy_negotiate_auth.cc +=================================================================== +--- squid-4.8.orig/src/peer_proxy_negotiate_auth.cc ++++ squid-4.8/src/peer_proxy_negotiate_auth.cc +@@ -562,8 +562,8 @@ char *peer_proxy_negotiate_auth(char *pr + static char b64buf[8192]; // XXX: 8KB only because base64_encode_bin() used to. + struct base64_encode_ctx ctx; + base64_encode_init(&ctx); +- size_t blen = base64_encode_update(&ctx, b64buf, output_token.length, reinterpret_cast<const uint8_t*>(output_token.value)); +- blen += base64_encode_final(&ctx, b64buf+blen); ++ size_t blen = base64_encode_update(&ctx, (uint8_t*)b64buf, output_token.length, reinterpret_cast<const uint8_t*>(output_token.value)); ++ blen += base64_encode_final(&ctx, (uint8_t*)b64buf+blen); + b64buf[blen] = '\0'; + + token = reinterpret_cast<char*>(b64buf); +Index: squid-4.8/tools/squidclient/gssapi_support.cc +=================================================================== +--- squid-4.8.orig/tools/squidclient/gssapi_support.cc ++++ squid-4.8/tools/squidclient/gssapi_support.cc +@@ -134,8 +134,8 @@ GSSAPI_token(const char *server) + token = new char[base64_encode_len(output_token.length)]; + struct base64_encode_ctx ctx; + base64_encode_init(&ctx); +- size_t blen = base64_encode_update(&ctx, token, output_token.length, reinterpret_cast<const uint8_t*>(output_token.value)); +- blen += base64_encode_final(&ctx, token+blen); ++ size_t blen = base64_encode_update(&ctx, (uint8_t*)token, output_token.length, reinterpret_cast<const uint8_t*>(output_token.value)); ++ blen += base64_encode_final(&ctx, (uint8_t*)token+blen); + token[blen] = '\0'; + } + } +Index: squid-4.8/tools/squidclient/squidclient.cc +=================================================================== +--- squid-4.8.orig/tools/squidclient/squidclient.cc ++++ squid-4.8/tools/squidclient/squidclient.cc +@@ -212,10 +212,10 @@ Authorization::commit(std::ostream &os) + const auto buf = new char[bcapacity]; + + size_t bsize = 0; +- bsize += base64_encode_update(&ctx, buf, strlen(user), reinterpret_cast<const uint8_t*>(user)); +- bsize += base64_encode_update(&ctx, buf+bsize, 1, reinterpret_cast<const uint8_t*>(":")); +- bsize += base64_encode_update(&ctx, buf+bsize, strlen(password), reinterpret_cast<const uint8_t*>(password)); +- bsize += base64_encode_final(&ctx, buf+bsize); ++ bsize += base64_encode_update(&ctx, (uint8_t*)buf, strlen(user), reinterpret_cast<const uint8_t*>(user)); ++ bsize += base64_encode_update(&ctx, (uint8_t*)buf+bsize, 1, reinterpret_cast<const uint8_t*>(":")); ++ bsize += base64_encode_update(&ctx, (uint8_t*)buf+bsize, strlen(password), reinterpret_cast<const uint8_t*>(password)); ++ bsize += base64_encode_final(&ctx, (uint8_t*)buf+bsize); + assert(bsize <= bcapacity); // paranoid and late but better than nothing + + os << header << ": Basic ";
