From: Amos Jeffries <squid3@treenet.co.nz>
Date: Tue, 9 Aug 2016 14:08:25 +0000 (+1200)
Subject: Fix logic error in rev.14321
X-Git-Tag: SQUID_4_0_14~44
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=243d456c806be55e0a9f166981a709cbd3fe2e5d;p=thirdparty%2Fsquid.git

Fix logic error in rev.14321

 Using !=0 on both string compares means any login= value will permit
 40x responses through. Only PASS and PASSTHRU should be doing that.

 Detected by Coverity Scan. Issue 1364711
---

diff --git a/src/tunnel.cc b/src/tunnel.cc
index de62c732a0..0a76aaa452 100644
--- a/src/tunnel.cc
+++ b/src/tunnel.cc
@@ -499,7 +499,7 @@ TunnelStateData::handleConnectResponse(const size_t chunkSize)
 
     // we need to relay the 401/407 responses when login=PASS(THRU)
     const char *pwd = server.conn->getPeer()->login;
-    const bool relay = pwd && (strcmp(pwd, "PASS") != 0 || strcmp(pwd, "PASSTHRU") != 0) &&
+    const bool relay = pwd && (strcmp(pwd, "PASS") == 0 || strcmp(pwd, "PASSTHRU") == 0) &&
                        (*status_ptr == Http::scProxyAuthenticationRequired ||
                         *status_ptr == Http::scUnauthorized);