From 9c0593faf5b03a8b5625494d15702553edd41617 Mon Sep 17 00:00:00 2001
From: Amos Jeffries <squid3@treenet.co.nz>
Date: Thu, 18 Aug 2016 01:34:13 +1200
Subject: [PATCH] Fix logic error in rev.13930

 Using !=0 on both string compares means any login= value will permit
 40x responses through. Only PASS and PASSTHRU should be doing that.

 Detected by Coverity Scan. Issue 1364711
---
 src/tunnel.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/tunnel.cc b/src/tunnel.cc
index 43e74dd54f..73d64115af 100644
--- a/src/tunnel.cc
+++ b/src/tunnel.cc
@@ -476,7 +476,7 @@ TunnelStateData::handleConnectResponse(const size_t chunkSize)
 
     // we need to relay the 401/407 responses when login=PASS(THRU)
     const char *pwd = server.conn->getPeer()->login;
-    const bool relay = pwd && (strcmp(pwd, "PASS") != 0 || strcmp(pwd, "PASSTHRU") != 0) &&
+    const bool relay = pwd && (strcmp(pwd, "PASS") == 0 || strcmp(pwd, "PASSTHRU") == 0) &&
                        (*status_ptr == Http::scProxyAuthenticationRequired ||
                         *status_ptr == Http::scUnauthorized);
 
-- 
2.47.2