Name-only note ACL stopped matching after trunk r14465 (note -m).

Despite this fix, empty ACLStringData values (also used for myportname,
peername, tag, and other ACLs) must [continue to] match nothing because
Squid ORs acl values. In math, empty disjunction is false.

The note ACL matches name:value entries, not bare values. A valueless
name has a different semantics than an empty list of bare values. It is

  (name and value1) or (name and value2)

rather than

  name and (value1 or value2)

where an empty value disjunction would have falsified the whole
condition.

This is a Measurement Factory project.

diff --git a/src/acl/NoteData.cc b/src/acl/NoteData.cc
index 9ee6e2a76168131891ca48331b42e5e48fa89814..d071a578bd844ab5e0871daa5af3d58edd0b6935 100644 (file)
--- a/src/acl/NoteData.cc
+++ b/src/acl/NoteData.cc
@@ -26,7 +26,12 @@ ACLNoteData::~ACLNoteData()
 bool
 ACLNoteData::match(NotePairs::Entry *entry)
 {
-    return !entry->name.cmp(name.termedBuf()) && values->match(entry->value.termedBuf());
+    if (entry->name.cmp(name.termedBuf()) != 0)
+        return false; // name mismatch
+
+    // a name-only note ACL matches any value; others require a values match
+    return values->empty() ||
+        values->match(entry->value.termedBuf());
 }
 
 SBufList