[squid-dev] [PATCH] comm_connect_addr on failures return Comm:OK

Amos Jeffries squid3 at treenet.co.nz
Fri May 8 19:17:07 UTC 2015

On 9/05/2015 3:56 a.m., Tsantilas Christos wrote:
> I found the following problem in squid-trunk and squid-3.5:
>   - Squid calls peer_select to retrieve server destinations addresses
>   - The peer_select returns two ip addresses, the first is an ipv6
> address the second one is an ipv4.
>   - The FwdState creates a Comm::ConnOpener object which fails to
> connect to the first address, but returns Comm:OK.
>   -The FwdState calls Ssl::PeerConnector, which fails to establish SSL
> on a non opened connection, and return an error page to the user.
> I am attaching a small patch which fixes the problem.
> I believe that this is the problem reported by some users, that the
> sslbumping does not work in squid-3.5 and later.
> Regards,
>     Christos

Damn. Kicking myself over missing that one. Thank you.

I've taken the liberty of also restructuring those if-statements along
with this fix and adding a missing errno reset.
 Applied to trunk as rev.14065.

Thank you!

More information about the squid-dev mailing list