My changes to the way that the client-side performed http_access,
redirector, and no_cache checks introduced a serious bug. Using
any proxy authentication would crash Squid.
One problem was that clientAccessCheckDone() should have returned
after generating the error page. Instead it tried to keep going,
as though access were allowed.
The other problem was due to a recently added assertion, which was
incorrect. Instead of asserting, the ClientRequestContext destructor
now releases its lock on the parent ClientHttpRequest if necessary.
projects / thirdparty / squid.git / commit
