[squid-dev] [PATCH] comm_connect_addr on failures return Comm:OK
squid3 at treenet.co.nz
Fri May 8 19:17:07 UTC 2015
On 9/05/2015 3:56 a.m., Tsantilas Christos wrote:
> I found the following problem in squid-trunk and squid-3.5:
> - Squid calls peer_select to retrieve server destinations addresses
> - The peer_select returns two ip addresses, the first is an ipv6
> address the second one is an ipv4.
> - The FwdState creates a Comm::ConnOpener object which fails to
> connect to the first address, but returns Comm:OK.
> -The FwdState calls Ssl::PeerConnector, which fails to establish SSL
> on a non opened connection, and return an error page to the user.
> I am attaching a small patch which fixes the problem.
> I believe that this is the problem reported by some users, that the
> sslbumping does not work in squid-3.5 and later.
Damn. Kicking myself over missing that one. Thank you.
I've taken the liberty of also restructuring those if-statements along
with this fix and adding a missing errno reset.
Applied to trunk as rev.14065.
More information about the squid-dev