From: Amos Jeffries Date: Wed, 5 May 2010 12:25:14 +0000 (+1200) Subject: Make proxy_auth ACL fail on invalid auth credentials. X-Git-Tag: SQUID_3_2_0_1~167^2~13 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7d20e1402cd5f6b4b44956c9b1e3a1e27fb4dac9;p=thirdparty%2Fsquid.git Make proxy_auth ACL fail on invalid auth credentials. --- diff --git a/src/auth/AclProxyAuth.cc b/src/auth/AclProxyAuth.cc index a0a16b9cad..c7b6fe6a23 100644 --- a/src/auth/AclProxyAuth.cc +++ b/src/auth/AclProxyAuth.cc @@ -208,19 +208,10 @@ int ACLProxyAuth::matchProxyAuth(ACLChecklist *cl) { ACLFilledChecklist *checklist = Filled(cl); - checkAuthForCaching(checklist); + if (!authenticateUserAuthenticated(Filled(checklist)->auth_user_request)) + return 0; /* check to see if we have matched the user-acl before */ int result = cacheMatchAcl(&checklist->auth_user_request->user()->proxy_match_cache, checklist); checklist->auth_user_request = NULL; return result; } - -void -ACLProxyAuth::checkAuthForCaching(ACLChecklist *checklist)const -{ - /* for completeness */ - /* consistent parameters ? */ - assert(authenticateUserAuthenticated(Filled(checklist)->auth_user_request)); - /* this check completed */ -} - diff --git a/src/auth/AclProxyAuth.h b/src/auth/AclProxyAuth.h index 8183d99ba8..390fd2a52b 100644 --- a/src/auth/AclProxyAuth.h +++ b/src/auth/AclProxyAuth.h @@ -82,7 +82,7 @@ public: virtual bool empty () const; virtual bool requiresRequest() const {return true;} - virtual ACL *clone()const; + virtual ACL *clone() const; virtual int matchForCache(ACLChecklist *checklist); private: @@ -91,7 +91,6 @@ private: static Prototype RegexRegistryProtoype; static ACLProxyAuth RegexRegistryEntry_; int matchProxyAuth(ACLChecklist *); - void checkAuthForCaching(ACLChecklist *) const; ACLData *data; char const *type_; };