Author: Christos Tsantilas <chtsanti@users.sourceforge.net>

Bug 2400: ICAP accept mechanism assumes okay result

ACL checks produces an ACCESS_REQ_PROXY_AUTH result but ICAP
result handler assumes any non-zero result means ACCESS_ALLOWED

This can result in many requests being shunted to ICAP incorrently.

diff --git a/src/ICAP/ICAPConfig.cc b/src/ICAP/ICAPConfig.cc
index 4bb699a658c4163e36926d1c2b6a1d5265038af5..378e461b26c244a1ef0ab8660c56fcae125f7e11 100644 (file)
--- a/src/ICAP/ICAPConfig.cc
+++ b/src/ICAP/ICAPConfig.cc
@@ -218,7 +218,7 @@ ICAPAccessCheck::ICAPAccessCheckCallbackWrapper(int answer, void *data)
         debugs(93, 5, "ICAPAccessCheckCallbackWrapper matchedClass = " << ac->matchedClass.buf());
     }
 
-    if (!answer) {
+    if (answer!=ACCESS_ALLOWED) {
         ac->checkCandidates();
         return;
     }