From: Christos Tsantilas Date: Wed, 30 Jul 2014 15:31:10 +0000 (+0300) Subject: Fix %USER_CA_CERT_* and %CA_CERT_ external_acl formating codes X-Git-Tag: SQUID_3_5_0_1~128 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=f06585e0a6444d25e9086094c3d77837f2c29902;p=thirdparty%2Fsquid.git Fix %USER_CA_CERT_* and %CA_CERT_ external_acl formating codes * The attribute part of the %USER_CA_CERT_xx and %CA_CERT_xx formating codes is not parsed correctly, make these formating codes useless. * The %USER_CA_CERT_xx documented wrongly --- diff --git a/src/cf.data.pre b/src/cf.data.pre index 54fd5b8a98..dde3ac5ab5 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -620,7 +620,7 @@ DOC_START %USER_CERT SSL User certificate in PEM format %USER_CERTCHAIN SSL User certificate chain in PEM format %USER_CERT_xx SSL User certificate subject attribute xx - %USER_CA_xx SSL User certificate issuer attribute xx + %USER_CA_CERT_xx SSL User certificate issuer attribute xx %>{Header} HTTP request header "Header" %>{Hdr:member} diff --git a/src/external_acl.cc b/src/external_acl.cc index 450aa34535..5cf944b76d 100644 --- a/src/external_acl.cc +++ b/src/external_acl.cc @@ -416,13 +416,13 @@ parse_externalAclHelper(external_acl ** list) else if (strncmp(token, "%USER_CERT_", 11) == 0) { format->type = Format::LFT_EXT_ACL_USER_CERT; format->header = xstrdup(token + 11); - } else if (strncmp(token, "%USER_CA_CERT_", 11) == 0) { + } else if (strncmp(token, "%USER_CA_CERT_", 14) == 0) { format->type = Format::LFT_EXT_ACL_USER_CA_CERT; - format->header = xstrdup(token + 11); - } else if (strncmp(token, "%CA_CERT_", 11) == 0) { + format->header = xstrdup(token + 14); + } else if (strncmp(token, "%CA_CERT_", 9) == 0) { debugs(82, DBG_PARSE_NOTE(DBG_IMPORTANT), "WARNING: external_acl_type %CA_CERT_* code is obsolete. Use %USER_CA_CERT_* instead"); format->type = Format::LFT_EXT_ACL_USER_CA_CERT; - format->header = xstrdup(token + 11); + format->header = xstrdup(token + 9); } #endif #if USE_AUTH