From: Amos Jeffries <squid3@treenet.co.nz>
Date: Wed, 24 Apr 2013 15:14:26 +0000 (-0600)
Subject: Fix undefined symbols in rev.12766
X-Git-Tag: SQUID_3_4_0_1~187
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d4a56c34ee3b6fab98cc36ce7e2fbbf935b4a0fe;p=thirdparty%2Fsquid.git

Fix undefined symbols in rev.12766

The code changes to prevent several useless allocations on missing
sslproxy_cert_error directive left a few lines out of place.
Shuffle cert.sslErrors setup back to the original code sequence and
define allowDomainMismatch early as false for the default handling.
---

diff --git a/src/client_side.cc b/src/client_side.cc
index 34f330b7ac..1c1bb94024 100644
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -2619,13 +2619,14 @@ bool ConnStateData::serveDelayedError(ClientSocketContext *context)
             debugs(33, 2, "SQUID_X509_V_ERR_DOMAIN_MISMATCH: Certificate " <<
                    "does not match domainname " << request->GetHost());
 
+            bool allowDomainMismatch = false;
             if (Config.ssl_client.cert_error) {
                 ACLFilledChecklist check(Config.ssl_client.cert_error, request, dash_str);
-                const bool allowDomainMismatch = (check.fastCheck() == ACCESS_ALLOWED);
+                check.sslErrors = new Ssl::Errors(SQUID_X509_V_ERR_DOMAIN_MISMATCH);
+                allowDomainMismatch = (check.fastCheck() == ACCESS_ALLOWED);
                 delete check.sslErrors;
                 check.sslErrors = NULL;
             }
-            check.sslErrors = new Ssl::Errors(SQUID_X509_V_ERR_DOMAIN_MISMATCH);
 
             if (!allowDomainMismatch) {
                 quitAfterError(request);