Fix 889fc47 for SSL bumping with an authentication type other than the Basic (#104)
authorVadim Aleksandrov <v.verdel@gmail.com>
Wed, 24 Jan 2018 02:12:06 +0000 (05:12 +0300)
committerAmos Jeffries <yadij@users.noreply.github.com>
Fri, 2 Feb 2018 04:45:24 +0000 (17:45 +1300)
Commit 889fc47 was made to fix an issue with Basic authentication and SSL bumping. But after that commit we can no longer properly use http_access with proxy_auth/proxy_auth_regex ACLs, because that type of ACL always returns 1 (match) regardless of the conditions in the rules.

Use the cached authentication results (if any) instead of a fixed 1 (match) result.

src/auth/AclProxyAuth.cc

index 58ee755c25af040240782b0fdccb27b17b890405..22dc9fa56b09c2d256fd26a66ce9f11eacf83211 100644 (file)
@@ -177,10 +177,10 @@ int
 ACLProxyAuth::matchProxyAuth(ACLChecklist *cl)
 {
     ACLFilledChecklist *checklist = Filled(cl);
-    if (checklist->request->flags.sslBumped)
-        return 1; // AuthenticateAcl() already handled this bumped request
-    if (!authenticateUserAuthenticated(Filled(checklist)->auth_user_request)) {
-        return 0;
+    if (!checklist->request->flags.sslBumped) {
+        if (!authenticateUserAuthenticated(checklist->auth_user_request)) {
+            return 0;
+        }
     }
     /* check to see if we have matched the user-acl before */
     int result = cacheMatchAcl(&checklist->auth_user_request->user()->proxy_match_cache, checklist);
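Review bot: On the sslBumped path the new code skips authenticateUserAuthenticated() and goes straight to `checklist->auth_user_request->user()->proxy_match_cache`, yet nothing visible in this hunk guarantees that auth_user_request or its user() is set for a bumped request (the commit message itself says "if any"). If either can be empty there, the access check dereferences a null pointer instead of returning a verdict. Consider failing closed just before the cache lookup, for example `if (checklist->auth_user_request == NULL || checklist->auth_user_request->user() == NULL) return 0;`, with a short comment saying that a bumped request without cached credentials is treated as a non-match. The body of matchProxyAuth continues past the end of the hunk, so whether a later line already covers this cannot be seen here.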