[squid-dev] Repeated assertions

Junior Cunha junior.cunha at hscbrasil.com.br
Fri May 26 15:26:59 UTC 2017


Hi all,

   We are facing a strange problem with a squid 3.5.25 installation in one of our customers. Every minute an assertion like this "assertion failed: Read.cc:73: "fd_table[conn->fd].halfClosedReader != NULL" can be seen in the cache.log file. Below some information related to our current setup:

   - 2 physical servers running Squid 3.5.25 ( 1 instance per machine ) linked with OpenSSL 1.0.1e-57
   - haproxy to provide load balancing between the nodes + keepalived to provide vip
   - ~3000 users
   - diskd for cache
   - ssl bump enabled (config below)

http_port 58080 require-proxy-header dynamic_cert_mem_cache_size=1KB generate-host-certificates=on ssl-bump cert=/opt/hsc/webcontrol/squid/etc/ssl/myCA.pem sslflags=NO_DEFAULT_CA

   (...)

acl s1_tls_connect at_step SslBump1
sslproxy_cipher ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDSA-RSA-AES256-SHA:ECDSA-RSA-AES256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:AES256-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:AES128-SHA:RC4-SHA:HIGH:!aNULL:!MD5:!ADH
ssl_bump peek s1_tls_connect
ssl_bump bump all

   We have no idea why this is happening since we have another customer with the same setup and this doesn't happen.

   Could someone please help us to solve this problem? Our company is willing to pay for any kind of help (in this case contact me directly via e-mail or skype "juniorcunha.rs").

   Best regards.

   []s

--
Junior Cunha
HSC Brasil
telefone  55 (51) 3216-7007 | Porto Alegre
telefone  55 (11) 3522-8191 | São Paulo
site:  www.hscbrasil.com.br



More information about the squid-dev mailing list