Sat Sep 25 11:05:41 CEST 1999
Modified Files in squid/src
	ssl.c 

CONNECT was not under the control of miss_access.


Index: squid/src/ssl.c
diff -u squid/src/ssl.c:1.1.1.20.2.2 squid/src/ssl.c:1.1.1.20.2.3
--- squid/src/ssl.c:1.1.1.20.2.2	Sat Sep 18 18:07:47 1999
+++ squid/src/ssl.c	Sat Sep 25 11:05:40 1999
@@ -414,6 +414,31 @@
     SslStateData *sslState = NULL;
     int sock;
     ErrorState *err = NULL;
+    aclCheck_t ch;
+    int answer;
+    /*
+       * client_addr == no_addr indicates this is an "internal" request
+       * from peer_digest.c, asn.c, netdb.c, etc and should always
+       * be allowed.  yuck, I know.
+       */
+    if (request->client_addr.s_addr != no_addr.s_addr) {
+	/*
+	   * Check if this host is allowed to fetch MISSES from us (miss_access)
+	   */
+	memset(&ch, '\0', sizeof(aclCheck_t));
+	ch.src_addr = request->client_addr;
+	ch.my_addr = request->my_addr;
+	ch.my_port = request->my_port;
+	ch.request = request;
+	answer = aclCheckFast(Config.accessList.miss, &ch);
+	if (answer == 0) {
+	    err = errorCon(ERR_FORWARDING_DENIED, HTTP_FORBIDDEN);
+	    err->request = requestLink(request);
+	    err->src_addr = request->client_addr;
+	    errorSend(fd, err);
+	    return;
+	}
+    }
     debug(26, 3) ("sslStart: '%s %s'\n",
 	RequestMethodStr[request->method], url);
     Counter.server.all.requests++;