Bug 3412: External ACL Uses Invalid Cache Entry

diff --git a/src/external_acl.cc b/src/external_acl.cc
index 342e8cb383cdf39e359a409b4dab931fbd3351b5..8a6869cd432d66fc0582ce30f21722636ceaa188 100644 (file)
--- a/src/external_acl.cc
+++ b/src/external_acl.cc
@@ -688,9 +688,15 @@ aclMatchExternal(external_acl_data *acl, ACLFilledChecklist *ch)
     entry = ch->extacl_entry;
 
     if (entry) {
-        if (cbdataReferenceValid(entry) && entry->def == acl->def &&
-                strcmp((char *)entry->key, key) == 0) {
-            /* Ours, use it.. */
+        if (cbdataReferenceValid(entry) && entry->def == acl->def) {
+            /* Ours, use it.. if the key matches */
+            key = makeExternalAclKey(ch, acl);
+            if (strcmp(key, (char*)entry->key) != 0) {
+                debugs(82, 9, HERE << "entry key='" << (char *)entry->key << "', our key='" << key << "' dont match. Discarded.");
+                // too bad. need a new lookup.
+                cbdataReferenceDone(ch->extacl_entry);
+                entry = NULL;
+            }
         } else {
             /* Not valid, or not ours.. get rid of it */
             cbdataReferenceDone(ch->extacl_entry);