------------------------------------------------------------
revno: 12679
revision-id: squid3@treenet.co.nz-20140520164322-out2c9fak6sb2u4x
parent: squid3@treenet.co.nz-20140309052400-23f11xj0972bduy0
committer: Amos Jeffries <squid3@treenet.co.nz>
branch nick: 3.3
timestamp: Tue 2014-05-20 09:43:22 -0700
message:
  Fix segfault setting up server SSL connnection
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20140520164322-out2c9fak6sb2u4x
# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.3
# testament_sha1: 510c27a4762889e774229bd508e57ca307e1e150
# timestamp: 2014-05-20 16:54:14 +0000
# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.3
# base_revision_id: squid3@treenet.co.nz-20140309052400-\
#   23f11xj0972bduy0
# 
# Begin patch
=== modified file 'src/forward.cc'
--- src/forward.cc	2013-09-29 17:47:16 +0000
+++ src/forward.cc	2014-05-20 16:43:22 +0000
@@ -726,7 +726,8 @@
             // For intercepted connections, set the host name to the server
             // certificate CN. Otherwise, we just hope that CONNECT is using
             // a user-entered address (a host name or a user-entered IP).
-            const bool isConnectRequest = !request->clientConnectionManager->port->spoof_client_ip &&
+            const bool isConnectRequest = request->clientConnectionManager.valid() &&
+                                          !request->clientConnectionManager->port->spoof_client_ip &&
                                           !request->clientConnectionManager->port->intercepted;
             if (request->flags.sslPeek && !isConnectRequest) {
                 if (X509 *srvX509 = errDetails->peerCert()) {
@@ -823,7 +824,8 @@
         // unless it was the CONNECT request with a user-typed address.
         const char *hostname = request->GetHost();
         const bool hostnameIsIp = request->GetHostIsNumeric();
-        const bool isConnectRequest = !request->clientConnectionManager->port->spoof_client_ip &&
+        const bool isConnectRequest = request->clientConnectionManager.valid() &&
+                                      !request->clientConnectionManager->port->spoof_client_ip &&
                                       !request->clientConnectionManager->port->intercepted;
         if (!request->flags.sslPeek || isConnectRequest)
             SSL_set_ex_data(ssl, ssl_ex_index_server, (void*)hostname);