]>
Commit | Line | Data |
---|---|---|
b99c048a MW |
1 | Index: squid/src/acl.c |
2 | diff -c squid/src/acl.c:1.270.2.14 squid/src/acl.c:1.270.2.15 | |
3 | *** squid/src/acl.c:1.270.2.14 Tue May 6 13:54:28 2003 | |
4 | --- squid/src/acl.c Wed May 7 13:55:00 2003 | |
5 | *************** | |
6 | *** 1424,1434 **** | |
7 | case AUTH_ACL_HELPER: | |
8 | debug(28, 4) ("aclMatchAcl: returning 0 sending credentials to helper.\n"); | |
9 | checklist->state[ACL_PROXY_AUTH] = ACL_LOOKUP_NEEDED; | |
10 | ! return 0; | |
11 | case AUTH_ACL_CHALLENGE: | |
12 | debug(28, 4) ("aclMatchAcl: returning 0 sending authentication challenge.\n"); | |
13 | checklist->state[ACL_PROXY_AUTH] = ACL_PROXY_AUTH_NEEDED; | |
14 | ! return 0; | |
15 | default: | |
16 | fatal("unexpected authenticateAuthenticate reply\n"); | |
17 | return -1; | |
18 | --- 1424,1434 ---- | |
19 | case AUTH_ACL_HELPER: | |
20 | debug(28, 4) ("aclMatchAcl: returning 0 sending credentials to helper.\n"); | |
21 | checklist->state[ACL_PROXY_AUTH] = ACL_LOOKUP_NEEDED; | |
22 | ! return -1; | |
23 | case AUTH_ACL_CHALLENGE: | |
24 | debug(28, 4) ("aclMatchAcl: returning 0 sending authentication challenge.\n"); | |
25 | checklist->state[ACL_PROXY_AUTH] = ACL_PROXY_AUTH_NEEDED; | |
26 | ! return -1; | |
27 | default: | |
28 | fatal("unexpected authenticateAuthenticate reply\n"); | |
29 | return -1; | |
30 | *************** | |
31 | *** 1692,1702 **** | |
32 | aclMatchAclList(const acl_list * list, aclCheck_t * checklist) | |
33 | { | |
34 | while (list) { | |
35 | AclMatchedName = list->acl->name; | |
36 | debug(28, 3) ("aclMatchAclList: checking %s%s\n", | |
37 | list->op ? null_string : "!", list->acl->name); | |
38 | ! if (aclMatchAcl(list->acl, checklist) != list->op) { | |
39 | ! debug(28, 3) ("aclMatchAclList: returning 0\n"); | |
40 | return 0; | |
41 | } | |
42 | list = list->next; | |
43 | --- 1692,1708 ---- | |
44 | aclMatchAclList(const acl_list * list, aclCheck_t * checklist) | |
45 | { | |
46 | while (list) { | |
47 | + int answer; | |
48 | AclMatchedName = list->acl->name; | |
49 | debug(28, 3) ("aclMatchAclList: checking %s%s\n", | |
50 | list->op ? null_string : "!", list->acl->name); | |
51 | ! answer = aclMatchAcl(list->acl, checklist); | |
52 | ! if (answer < 0) { | |
53 | ! debug(28, 3) ("aclMatchAclList: failure. returning -1\n"); | |
54 | ! return -1; | |
55 | ! } | |
56 | ! if (answer != list->op) { | |
57 | ! debug(28, 3) ("aclMatchAclList: no match, returning 0\n"); | |
58 | return 0; | |
59 | } | |
60 | list = list->next; | |
61 | *************** | |
62 | *** 1719,1728 **** | |
63 | aclCheckFast(const acl_access * A, aclCheck_t * checklist) | |
64 | { | |
65 | allow_t allow = ACCESS_DENIED; | |
66 | debug(28, 5) ("aclCheckFast: list: %p\n", A); | |
67 | while (A) { | |
68 | allow = A->allow; | |
69 | ! if (aclMatchAclList(A->acl_list, checklist)) { | |
70 | aclCheckCleanup(checklist); | |
71 | return allow == ACCESS_ALLOWED; | |
72 | } | |
73 | --- 1725,1738 ---- | |
74 | aclCheckFast(const acl_access * A, aclCheck_t * checklist) | |
75 | { | |
76 | allow_t allow = ACCESS_DENIED; | |
77 | + int answer; | |
78 | debug(28, 5) ("aclCheckFast: list: %p\n", A); | |
79 | while (A) { | |
80 | allow = A->allow; | |
81 | ! answer = aclMatchAclList(A->acl_list, checklist); | |
82 | ! if (answer) { | |
83 | ! if (answer < 0) | |
84 | ! return ACCESS_DENIED; | |
85 | aclCheckCleanup(checklist); | |
86 | return allow == ACCESS_ALLOWED; | |
87 | } | |
88 | *************** | |
89 | *** 1754,1759 **** | |
90 | --- 1764,1771 ---- | |
91 | debug(28, 3) ("aclCheck: checking '%s'\n", A->cfgline); | |
92 | allow = A->allow; | |
93 | match = aclMatchAclList(A->acl_list, checklist); | |
94 | + if (match == -1) | |
95 | + allow = ACCESS_DENIED; | |
96 | if (checklist->state[ACL_DST_IP] == ACL_LOOKUP_NEEDED) { | |
97 | checklist->state[ACL_DST_IP] = ACL_LOOKUP_PENDING; | |
98 | ipcache_nbgethostbyname(checklist->request->host, | |
99 | *************** | |
100 | *** 1807,1813 **** | |
101 | debug(28, 1) ("aclCheck: Can't start ident lookup. No client connection\n"); | |
102 | cbdataUnlock(checklist->conn); | |
103 | checklist->conn = NULL; | |
104 | ! allow = 0; | |
105 | match = -1; | |
106 | } | |
107 | } | |
108 | --- 1819,1825 ---- | |
109 | debug(28, 1) ("aclCheck: Can't start ident lookup. No client connection\n"); | |
110 | cbdataUnlock(checklist->conn); | |
111 | checklist->conn = NULL; | |
112 | ! allow = ACCESS_DENIED; | |
113 | match = -1; | |
114 | } | |
115 | } |