[squid-dev] [PATCH] comm_connect_addr on failures return Comm:OK

Tsantilas Christos chtsanti at users.sourceforge.net
Fri May 8 15:56:29 UTC 2015

I found the following problem in squid-trunk and squid-3.5:

   - Squid calls peer_select to retrieve server destinations addresses
   - The peer_select returns two ip addresses, the first is an ipv6 
address the second one is an ipv4.
   - The FwdState creates a Comm::ConnOpener object which fails to 
connect to the first address, but returns Comm:OK.
   -The FwdState calls Ssl::PeerConnector, which fails to establish SSL 
on a non opened connection, and return an error page to the user.

I am attaching a small patch which fixes the problem.

I believe that this is the problem reported by some users, that the 
sslbumping does not work in squid-3.5 and later.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: comm_connec_addr-t2.patch
Type: text/x-patch
Size: 1856 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-dev/attachments/20150508/a6c6143d/attachment.bin>

More information about the squid-dev mailing list