------------------------------------------------------------
revno: 14075
revision-id: squid3@treenet.co.nz-20160817133413-vdmm0d6kvo8bfszk
parent: squid3@treenet.co.nz-20160817054829-rl7q49ysi40sj01i
committer: Amos Jeffries <squid3@treenet.co.nz>
branch nick: 3.5
timestamp: Thu 2016-08-18 01:34:13 +1200
message:
  Fix logic error in rev.13930
  
   Using !=0 on both string compares means any login= value will permit
   40x responses through. Only PASS and PASSTHRU should be doing that.
  
   Detected by Coverity Scan. Issue 1364711
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20160817133413-vdmm0d6kvo8bfszk
# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
# testament_sha1: 31f0c4e0f435e0aa994ffe8937e4d4c58fed37f5
# timestamp: 2016-08-17 13:34:59 +0000
# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
# base_revision_id: squid3@treenet.co.nz-20160817054829-\
#   rl7q49ysi40sj01i
# 
# Begin patch
=== modified file 'src/tunnel.cc'
--- src/tunnel.cc	2016-01-01 00:14:27 +0000
+++ src/tunnel.cc	2016-08-17 13:34:13 +0000
@@ -476,7 +476,7 @@
 
     // we need to relay the 401/407 responses when login=PASS(THRU)
     const char *pwd = server.conn->getPeer()->login;
-    const bool relay = pwd && (strcmp(pwd, "PASS") != 0 || strcmp(pwd, "PASSTHRU") != 0) &&
+    const bool relay = pwd && (strcmp(pwd, "PASS") == 0 || strcmp(pwd, "PASSTHRU") == 0) &&
                        (*status_ptr == Http::scProxyAuthenticationRequired ||
                         *status_ptr == Http::scUnauthorized);