From: Amos Jeffries Date: Thu, 19 Feb 2009 02:08:56 +0000 (+1300) Subject: Author: Henrik Nordstrom X-Git-Tag: SQUID_3_0_STABLE14~27 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f75baf093a4fb41cfc7e5a095a5dd97af7863dcf;p=thirdparty%2Fsquid.git Author: Henrik Nordstrom external_acl_type %<{ and %USER_CERT_ / %CA_CERT_ parsing brokenness The parsing of external_acl_type formats was sligtly broken, destroying %<{ (request header) if SSL was enabled and never able to parse %USER_CERT_ or %CA_CERT_.. Also clarified request/reply header syntax slightly --- diff --git a/src/cf.data.pre b/src/cf.data.pre index e28326337a..6e0c47a853 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -405,8 +405,8 @@ DOC_START %USER_CERTCHAIN SSL User certificate chain in PEM format %USER_CERT_xx SSL User certificate subject attribute xx %USER_CA_xx SSL User certificate issuer attribute xx - %{Header} HTTP request header - %{Hdr:member} HTTP request header list member + %{Header} HTTP request header "Header" + %{Hdr:member} HTTP request header "Hdr" list member "member" %{Hdr:;member} HTTP request header list member using ; as list separator. ; can be any non-alphanumeric diff --git a/src/external_acl.cc b/src/external_acl.cc index eb890b3c2f..25988b13ca 100644 --- a/src/external_acl.cc +++ b/src/external_acl.cc @@ -357,10 +357,10 @@ parse_externalAclHelper(external_acl ** list) format->type = _external_acl_format::EXT_ACL_USER_CERT_RAW; else if (strcmp(token, "%USER_CERTCHAIN") == 0) format->type = _external_acl_format::EXT_ACL_USER_CERTCHAIN_RAW; - else if (strncmp(token, "%USER_CERT_", 11)) { + else if (strncmp(token, "%USER_CERT_", 11) == 0) { format->type = _external_acl_format::EXT_ACL_USER_CERT; format->header = xstrdup(token + 11); - } else if (strncmp(token, "%CA_CERT_", 11)) { + } else if (strncmp(token, "%CA_CERT_", 11) == 0) { format->type = _external_acl_format::EXT_ACL_USER_CERT; format->header = xstrdup(token + 11); }