Skip ssl_bump ACL checks for internal requests

author Amos Jeffries <amosjeffries@squid-cache.org>

Mon, 16 Apr 2018 22:02:25 +0000 (10:02 +1200)

committer Amos Jeffries <yadij@users.noreply.github.com>

Tue, 17 Apr 2018 08:05:40 +0000 (20:05 +1200)
author Amos Jeffries <amosjeffries@squid-cache.org>
Mon, 16 Apr 2018 22:02:25 +0000 (10:02 +1200)
committer Amos Jeffries <yadij@users.noreply.github.com>
Tue, 17 Apr 2018 08:05:40 +0000 (20:05 +1200)
diff --git a/src/client_side_request.cc b/src/client_side_request.cc

index 203f89d4699935aefc0edae7942c3649e4d86897..7fb58c276e56a817830fb45039330fce37e5287b 100644 (file)
--- a/src/client_side_request.cc
+++ b/src/client_side_request.cc
@@ -1419,6 +1419,11 @@ ClientRequestContext::checkNoCacheDone(const allow_t &answer)
  bool
  ClientRequestContext::sslBumpAccessCheck()
  {
+    if (!http->getConn()) {
+        http->al->ssl.bumpMode = Ssl::bumpEnd; // SslBump does not apply; log -
+        return false;
+    }
+
      // If SSL connection tunneling or bumping decision has been made, obey it.
      const Ssl::BumpMode bumpMode = http->getConn()->sslBumpMode;
      if (bumpMode != Ssl::bumpEnd) {
author	Amos Jeffries <amosjeffries@squid-cache.org>
	Mon, 16 Apr 2018 22:02:25 +0000 (10:02 +1200)
committer	Amos Jeffries <yadij@users.noreply.github.com>
	Tue, 17 Apr 2018 08:05:40 +0000 (20:05 +1200)