1 files changed, 22 insertions, 16 deletions
diff --git a/config/squid-reverse/squid_reverse.inc b/config/squid-reverse/squid_reverse.inc
index b208b7b1..652931c8 100644
--- a/config/squid-reverse/squid_reverse.inc
+++ b/config/squid-reverse/squid_reverse.inc
@@ -68,7 +68,7 @@ function squid_resync_reverse() {
 	$http_defsite=(empty($settings['reverse_http_defsite'])?$settings['reverse_external_fqdn']:$settings['reverse_http_defsite']);
 	
 	#set HTTPS port and defsite
-	$https_port=(empty($settings['reverse_https_port'])?"80":$settings['reverse_https_port']);
+	$https_port=(empty($settings['reverse_https_port'])?"443":$settings['reverse_https_port']);
 	$https_defsite=(empty($settings['reverse_https_defsite'])?$settings['reverse_external_fqdn']:$settings['reverse_https_defsite']);
 	
 	foreach (explode(",", $ifaces) as $i => $iface) {
@@ -79,7 +79,7 @@ function squid_resync_reverse() {
 		      		$conf .= "http_port {$real_ifaces[$i][0]}:{$http_port} accel defaultsite={$http_defsite} vhost\n";
 		      //HTTPS
 		      if (!empty($settings['reverse_https']))
-		      		$conf .= "https_port {$real_ifaces[$i][0]}:{$https_port} accel cert={$reverse_crt} key={$reverse_key} defaultsite={$https_defsite}\n";
+		      		$conf .= "https_port {$real_ifaces[$i][0]}:{$https_port} accel cert={$reverse_crt} key={$reverse_key} defaultsite={$https_defsite} vhost\n";
 			}
 		}
 		
@@ -91,7 +91,7 @@ function squid_resync_reverse() {
 		      		$conf .= "http_port {$reip}:{$http_port} accel defaultsite={$http_defsite} vhost\n";
 		      //HTTPS
 		      if (!empty($settings['reverse_https']))
-		      		$conf .= "https_port {$reip}:{$https_port} accel cert={$reverse_crt} key={$reverse_key} defaultsite={$https_defsite}\n";
+		      		$conf .= "https_port {$reip}:{$https_port} accel cert={$reverse_crt} key={$reverse_key} defaultsite={$https_defsite} vhost\n";
 			}
 	 	}
 
@@ -104,10 +104,10 @@ function squid_resync_reverse() {
  	 foreach ($reverse_peers as $rp){
  		if ($rp['enable'] =="on" && $rp['name'] !="" && $rp['ip'] !="" && $rp['port'] !=""){
  			$conf_peer = "#{$rp['description']}\n";
- 			$conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query originserver login=PASS ";
+ 			$conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query no-digest originserver login=PASS ";
  			if($rp['protocol'] == 'HTTPS')
 	            	$conf_peer .= "ssl sslflags=DONT_VERIFY_PEER front-end-https=auto ";
-			$conf_peer .= "name={$rp['name']}\n\n";
+			$conf_peer .= "name=rvp_{$rp['name']}\n\n";
 			
 			// add peer only if reverse proxy is enabled for http
 			if($rp['protocol'] == 'HTTP' && $settings['reverse_http'] =="on"){
@@ -116,8 +116,10 @@ function squid_resync_reverse() {
 				}
 			// add peer only if if reverse proxy is enabled for https
 			if($rp['protocol'] == 'HTTPS' && $settings['reverse_https'] =="on"){
-				$conf .= $conf_peer;
- 				array_push($active_peers,$rp['name']);
+				if (!in_array($rp['name'],$active_peers)){
+					$conf .= $conf_peer;
+ 					array_push($active_peers,$rp['name']);
+					}
 				}
  			}
  	}
@@ -131,7 +133,7 @@ function squid_resync_reverse() {
 			array_push($owa_dirs,'owa','exchange','public','exchweb','ecp','OAB');
 			if($settings['reverse_owa_activesync'])
 					array_push($owa_dirs,'Microsoft-Server-ActiveSync');
-			if($settngs['reverse_owa_rpchttp'])	
+			if($settings['reverse_owa_rpchttp'])	
 					array_push($owa_dirs,'rpc/rpcproxy.dll','rpcwithcert/rpcproxy.dll');
 			if($settings['reverse_owa_autodiscover'])
 					array_push($owa_dirs,'autodiscover');
@@ -150,14 +152,18 @@ function squid_resync_reverse() {
 		if ($rm['enable'] == "on" && $rm['name']!="" && $rm['peers']!=""){
 		    if (is_array($rm['row']))
 				foreach ($rm['row'] as $uri){
-					$url_regex=($uri['vhost'] == ''?$settings['reverse_external_fqdn']:$uri['vhost']);
-					$conf .= "acl {$rm['name']} url_regex -i {$url_regex}/{$uri['uri']}.*$\n";
-					$cache_peer_never_direct_conf .= "never_direct allow {$rm['name']}\n";
-					$http_access_conf .= "http_access allow {$rm['name']}\n";
-					foreach (explode(',',$rm['peers']) as $map_peer)
-						if (in_array($map_peer,$active_peers)){
-							$cache_peer_allow_conf .= "cache_peer_access {$map_peer} allow {$rm['name']}\n";
-							$cache_peer_deny_conf .= "cache_peer_access {$map_peer} deny allsrc\n";
+					$url_regex=($uri['uri'] == '' ? $settings['reverse_external_fqdn'] : $uri['uri'] );
+					//$conf .= "acl rvm_{$rm['name']} url_regex -i {$uri['uri']}{$url_regex}.*$\n";
+					$conf .= "acl rvm_{$rm['name']} url_regex -i {$url_regex}\n";
+					if($rm['name'] != $last_rm_name){
+						$cache_peer_never_direct_conf .= "never_direct allow rvm_{$rm['name']}\n";
+						$http_access_conf .= "http_access allow rvm_{$rm['name']}\n";
+						foreach (explode(',',$rm['peers']) as $map_peer)
+							if (in_array($map_peer,$active_peers)){
+								$cache_peer_allow_conf .= "cache_peer_access rvp_{$map_peer} allow rvm_{$rm['name']}\n";
+								$cache_peer_deny_conf .= "cache_peer_access rvp_{$map_peer} deny allsrc\n";
+							}
+						$last_rm_name=$rm['name'];
 						}
 				}
 	 	}