commit afcff5ec02ea196704a0f40014b21a53911b4e17 (refs/remotes/origin/v3.5)
Author: Amos Jeffries <amosjeffries@squid-cache.org>
Date:   2018-04-17 10:02:25 +1200

    Skip ssl_bump ACL checks for internal requests

diff --git a/src/client_side_request.cc b/src/client_side_request.cc
index 203f89d..7fb58c2 100644
--- a/src/client_side_request.cc
+++ b/src/client_side_request.cc
@@ -1419,6 +1419,11 @@ ClientRequestContext::checkNoCacheDone(const allow_t &answer)
 bool
 ClientRequestContext::sslBumpAccessCheck()
 {
+    if (!http->getConn()) {
+        http->al->ssl.bumpMode = Ssl::bumpEnd; // SslBump does not apply; log -
+        return false;
+    }
+
     // If SSL connection tunneling or bumping decision has been made, obey it.
     const Ssl::BumpMode bumpMode = http->getConn()->sslBumpMode;
     if (bumpMode != Ssl::bumpEnd) {