From: Ruediger Pluem <rpluem@apache.org>
Date: Wed, 22 May 2019 09:54:05 +0000 (+0000)
Subject: * Fix the logic to follow the comment. So far we only forwarded the header if
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a84a80c1e53c2bc6cf7ac39fb2ab09f3a99a851d;p=apache

* Fix the logic to follow the comment. So far we only forwarded the header if
  we have NOT used it AND the env variable was set. But if we have not
  used it we should forward it in any case independent of the env variable
  setting.
  This aligns also with the behaviour in ap_proxy_create_hdrbrgd.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1859713 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
index 460342bc77..092c4fe04d 100644
--- a/modules/proxy/proxy_util.c
+++ b/modules/proxy/proxy_util.c
@@ -2528,8 +2528,8 @@ ap_proxy_determine_connection(apr_pool_t *p, request_rec *r,
                     proxy_auth = apr_table_get(r->headers_in, "Proxy-Authorization");
                     if (proxy_auth != NULL &&
                         proxy_auth[0] != '\0' &&
-                        r->user == NULL && /* we haven't yet authenticated */
-                        apr_table_get(r->subprocess_env, "Proxy-Chain-Auth")) {
+                        (r->user == NULL || /* we haven't yet authenticated */
+                        apr_table_get(r->subprocess_env, "Proxy-Chain-Auth"))) {
                         forward->proxy_auth = apr_pstrdup(conn->pool, proxy_auth);
                     }
                 }