Initialize options= in all cases

Since we now have long and ptr in different builds we cannot rely on the
default constructor always being correct.

Adjust the parseOptions() method to handle empty options= silently for
OpenSSL buidls (like GnutTLS builds did already) and use it to initialize
the parsedOptions member.

diff --git a/src/security/PeerOptions.cc b/src/security/PeerOptions.cc
index 844aa16f8d2838127c087a3bf0bd862d3bce43ba..a7cd94db5ce5530869154f16e7e67d3e79d9c9d3 100644 (file)
--- a/src/security/PeerOptions.cc
+++ b/src/security/PeerOptions.cc
@@ -21,6 +21,12 @@
 
 Security::PeerOptions Security::ProxyOutgoingConfig;
 
+Security::PeerOptions::PeerOptions()
+{
+     // init options consistent with an empty sslOptions
+     parseOptions();
+}
+
 Security::PeerOptions::PeerOptions(const Security::PeerOptions &p) :
     sslOptions(p.sslOptions),
     caDir(p.caDir),
@@ -472,7 +478,7 @@ Security::PeerOptions::parseOptions()
     ::Parser::Tokenizer tok(sslOptions);
     long op = 0;
 
-    do {
+    while (!tok.atEnd()) {
         enum {
             MODE_ADD, MODE_REMOVE
         } mode;
@@ -525,7 +531,7 @@ Security::PeerOptions::parseOptions()
             fatalf("Unknown TLS option '" SQUIDSBUFPH "'", SQUIDSBUFPRINT(tok.remaining()));
         }
 
-    } while (!tok.atEnd());
+    }
 
 #if SSL_OP_NO_SSLv2
     // compliance with RFC 6176: Prohibiting Secure Sockets Layer (SSL) Version 2.0

diff --git a/src/security/PeerOptions.h b/src/security/PeerOptions.h
index 5c6b89f354a43211a2867e3f55a1b8b9573315e2..d24bd62acfb088f69b7d8ca992253d1fb4b9cc69 100644 (file)
--- a/src/security/PeerOptions.h
+++ b/src/security/PeerOptions.h
@@ -22,7 +22,7 @@ namespace Security
 class PeerOptions
 {
 public:
-    PeerOptions() = default;
+    PeerOptions();
     PeerOptions(const PeerOptions &);
     PeerOptions &operator =(const PeerOptions &);
     virtual ~PeerOptions() {}