[squid-dev] [PATCH] Do not hide important/critical messages
squid3 at treenet.co.nz
Sun Apr 10 04:42:55 UTC 2016
On 29/03/2016 12:44 p.m., Alex Rousskov wrote:
> While working on Squid bug 4465 (Header forgery detection leads to
> crash), I noticed that Squid may hide important/critical debugs()
> messages from the admin if those messages are assembled using code that
> also uses debugs(). For example, unpatched Squid console only says:
> 2016/03/27 14:19:48.297| SECURITY ALERT: By user agent:
> 2016/03/27 14:19:48.297| SECURITY ALERT: on URL: dut70.test:443
> A patched Squid produces the expected three console lines:
> 2016/03/27 15:25:42| SECURITY ALERT: Host header forgery detected...
> 2016/03/27 15:25:42| SECURITY ALERT: By user agent:
> 2016/03/27 15:25:42| SECURITY ALERT: on URL: dut70.test:443
> The underlying debugs() bug leads to several rather confusing problems.
> For example, the unpatched output quoted above has millisecond
> timestamps that are not supposed to be there; the hidden lines may
> actually be logged into cache.log (but not on the console/stderr or
> system log). It took several patch rewrites and many tests to better
> understand these side effects (which explains, in part, why the patch
> has more cleanup pieces than are strictly necessary to fix the bug in
> the subject line).
> The attached v3.5 patch fixes the underlying bug and has several
> positive side-effects such as faster debugs() performance, no clobbered
> messages, and cleaner code. Please see patch preamble for a complete
> list of known side effects.
> If this v3.5 patch is accepted in principle, I hope somebody volunteers
> a trunk port (which should not be difficult).
This appears to be just a polished implementation of the intended
debugs() original design. So in principle its already acceptible.
To get into v3.5 it does need to go in through v4 first though. We don't
want a repeat of the 2.x forking situation.
More information about the squid-dev