[squid-users] Squid 4.4 + SSL bump: Squid is crashing completely opening https://www.drcleaner.com/de/dr-cleaner/

ziprasidone146939277 at gmail.com ziprasidone146939277 at gmail.com
Wed Dec 5 00:31:39 UTC 2018 

Hi,

 

Works “well” on my squid v 4.4 (patched) “ debian 9.

 

Although the site does not load well, squid does not die:

 

(…)

 

TCP_MISS/502 1609 GET https://cache.drcleaner.com/extend/home/js/jquery-2.0.0.min.js - ORIGINAL_DST/99.84.27.102 text/html

TCP_MISS/403 684 GET https://s3-us-west-2.amazonaws.com/trustedsite-public/host/drcleaner.com/client.js - ORIGINAL_DST/52.218.200.72 application/xml

TCP_MISS/502 1609 GET https://cache.drcleaner.com/extend/home/css/index.css - ORIGINAL_DST/99.84.27.102 text/html

TCP_MISS/502 1609 GET https://cache.drcleaner.com/extend/home/css/bootstrap.min.css - ORIGINAL_DST/99.84.27.102 text/html

TCP_MISS/502 1609 GET https://cache.drcleaner.com/extend/home/js/jquery-2.0.0.min.js - ORIGINAL_DST/99.84.27.102 text/html

TCP_MISS/502 1609 GET https://cache.drcleaner.com/extend/home/js/jquery.screw.js - ORIGINAL_DST/99.84.27.102 text/html

TCP_MISS/502 1609 GET https://cache.drcleaner.com/extend/home/js/bg_pro.js - ORIGINAL_DST/99.84.27.102 text/html

TCP_MISS/502 1609 GET https://cache.drcleaner.com/extend/home/js/mobile.js - ORIGINAL_DST/99.84.27.102 text/html

TCP_MISS/502 1609 GET https://cache.drcleaner.com/wp-content/plugins/contact-form-7/includes/js/scripts.js? - ORIGINAL_DST/99.84.27.102 text/html

TCP_MISS/502 1609 GET https://cache.drcleaner.com/wp-includes/js/comment-reply.min.js? - ORIGINAL_DST/99.84.27.102 text/html

 

And over..

 

Please, see https://bugs.squid-cache.org/show_bug.cgi?id=4896

 

If your case is similar, there is a patch as a workaround.

 

HTH

 

 

De: squid-users <squid-users-bounces at lists.squid-cache.org> En nombre de info at schroeffu.ch
Enviado el: martes, 4 de diciembre de 2018 13:11
Para: squid-users at lists.squid-cache.org
Asunto: [squid-users] Squid 4.4 + SSL bump: Squid is crashing completely opening https://www.drcleaner.com/de/dr-cleaner/

 

Hi all,

my Squid 4.4 with SSL bump is crashing while trying to open this website: https://www.drcleaner.com/de/dr-cleaner/
So, after trying open this site with SSL bump enabled, no Squid process is running anymore. Just. Dead.

What can I do for debug that properly better to report properly an issue?

SSL bump config:

http_port proxy02bs:8080 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/certs/xx.pem key=/etc/squid/certs/xx.pem
sslcrtd_program /usr/lib/squid/security_file_certgen -s /var/lib/ssl_db -M 4MB
always_direct allow all
acl step1 at_step SslBump1
ssl_bump peek step1
ssl_bump bump all !domains_dont_sslbump


Latest words 'till the dead:

Dec 4 16:47:19 proxy02bs squid[1001]: assertion failed: http.cc:1530: "!Comm::MonitorsRead(serverConnection->fd)"
Dec 4 16:47:19 proxy02bs squid[604]: Squid Parent: squid-1 process 1001 exited due to signal 6 with status 0
Dec 4 16:47:19 proxy02bs squid[604]: Squid Parent: squid-1 process 1001 will not be restarted for 3600 seconds due to repeated, frequent failures
Dec 4 16:47:19 proxy02bs squid[604]: Exiting due to repeated, frequent failures
Dec 4 16:47:19 proxy02bs squid[604]: Removing PID file (/var/run/squid.pid)
Dec 4 16:47:19 proxy02bs systemd[1]: squid.service: Main process exited, code=exited, status=1/FAILURE
Dec 4 16:47:19 proxy02bs systemd[1]: squid.service: Killing process 666 (pinger) with signal SIGKILL.
Dec 4 16:47:19 proxy02bs systemd[1]: squid.service: Killing process 786 (pinger) with signal SIGKILL.
Dec 4 16:47:19 proxy02bs systemd[1]: squid.service: Killing process 855 (pinger) with signal SIGKILL.
Dec 4 16:47:19 proxy02bs systemd[1]: squid.service: Killing process 923 (pinger) with signal SIGKILL.
Dec 4 16:47:19 proxy02bs systemd[1]: squid.service: Killing process 995 (pinger) with signal SIGKILL.
Dec 4 16:47:19 proxy02bs systemd[1]: squid.service: Killing process 1004 (security_file_c) with signal SIGKILL.
Dec 4 16:47:19 proxy02bs systemd[1]: squid.service: Killing process 1007 (ufdbgclient) with signal SIGKILL.
Dec 4 16:47:19 proxy02bs systemd[1]: squid.service: Killing process 1008 (ufdbgclient) with signal SIGKILL.
Dec 4 16:47:19 proxy02bs systemd[1]: squid.service: Killing process 1065 (pinger) with signal SIGKILL.
Dec 4 16:47:19 proxy02bs systemd[1]: squid.service: Failed with result 'exit-code'.


Full syslog: https://pastebin.com/i9itZcZa
Full access.log: https://pastebin.com/Vc0A5sSG
Full cache.log: https://pastebin.com/xdi3RHqs

Thanks for any help in advance
Schroeffu 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20181204/0fac5673/attachment-0001.html>

More information about the squid-users mailing list