src/patches/squid/squid-3.5-14075.patch

   1 ------------------------------------------------------------
   2 revno: 14075
   3 revision-id: squid3@treenet.co.nz-20160817133413-vdmm0d6kvo8bfszk
   4 parent: squid3@treenet.co.nz-20160817054829-rl7q49ysi40sj01i
   5 committer: Amos Jeffries <squid3@treenet.co.nz>
   6 branch nick: 3.5
   7 timestamp: Thu 2016-08-18 01:34:13 +1200
   8 message:
   9   Fix logic error in rev.13930
  10
  11    Using !=0 on both string compares means any login= value will permit
  12    40x responses through. Only PASS and PASSTHRU should be doing that.
  13
  14    Detected by Coverity Scan. Issue 1364711
  15 ------------------------------------------------------------
  16 # Bazaar merge directive format 2 (Bazaar 0.90)
  17 # revision_id: squid3@treenet.co.nz-20160817133413-vdmm0d6kvo8bfszk
  18 # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
  19 # testament_sha1: 31f0c4e0f435e0aa994ffe8937e4d4c58fed37f5
  20 # timestamp: 2016-08-17 13:34:59 +0000
  21 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
  22 # base_revision_id: squid3@treenet.co.nz-20160817054829-\
  23 #   rl7q49ysi40sj01i
  24 #
  25 # Begin patch
  26 === modified file 'src/tunnel.cc'
  27 --- src/tunnel.cc       2016-01-01 00:14:27 +0000
  28 +++ src/tunnel.cc       2016-08-17 13:34:13 +0000
  29 @@ -476,7 +476,7 @@
  30
  31      // we need to relay the 401/407 responses when login=PASS(THRU)
  32      const char *pwd = server.conn->getPeer()->login;
  33 -    const bool relay = pwd && (strcmp(pwd, "PASS") != 0 || strcmp(pwd, "PASSTHRU") != 0) &&
  34 +    const bool relay = pwd && (strcmp(pwd, "PASS") == 0 || strcmp(pwd, "PASSTHRU") == 0) &&
  35                         (*status_ptr == Http::scProxyAuthenticationRequired ||
  36                          *status_ptr == Http::scUnauthorized);
  37
  38