[squid-users] Squid fails to bump where there are too many DNS names in SAN field
Sarfaraz.Ahmad at deshaw.com
Wed Sep 5 08:37:35 UTC 2018
Tested with Squid-4.2 and ended with same results.
How do we proceed here ?
From: Alex Rousskov <rousskov at measurement-factory.com>
Sent: Tuesday, September 4, 2018 9:14 PM
To: Ahmad, Sarfaraz <Sarfaraz.Ahmad at deshaw.com>; squid-users at lists.squid-cache.org
Subject: Re: [squid-users] Squid fails to bump where there are too many DNS names in SAN field
On 09/04/2018 02:00 AM, Ahmad, Sarfaraz wrote:
> 2018/09/04 12:45:46.112 kid1| 24,5| BinaryTokenizer.cc(47) want: 520 more bytes for Handshake.msg_body.octets occupying 16900 bytes @90 in 0xfa4d70;
> 2018/09/04 12:45:46.112 kid1| 83,5| PeerConnector.cc(451) noteWantRead: local=10.240.180.31:43716 remote=220.127.116.11:443 FD 15 flags=1
Translation: Squid did not read enough data from the server to finish
parsing TLS server handshake. Squid needs to read at least 520 more
bytes from FD 15.
> Later on after about 10 secs
> 2018/09/04 12:45:58.124 kid1| 83,5| bio.cc(140) read: FD 12 read 0 <= 65535
And end-of-file on the wrong/different connection.
My recommendations remain the same, but please follow Amos advice and
upgrade to the latest v4 first.
Please note that I do _not_ recommend analyzing ALL,9 logs. On average,
such analysis by non-developers wastes more time than it saves.
More information about the squid-users