[squid-users] failing https requests
Adam Weremczuk
adamw at matrixscience.com
Mon Apr 27 14:03:24 UTC 2020
Thanks Amos for the hint.
Tcpdump in source reveals the following:
HTTP/1.1 400 Bad Request
Server: squid/3.5.27
Mime-Version: 1.0
Date: Mon, 27 Apr 2020 13:34:47 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 4000
X-Squid-Error: ERR_INVALID_REQ 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from PROXY
X-Cache-Lookup: NONE from PROXY:3128
Via: 1.1 PROXY (squid/3.5.27)
Connection: close
It also produces:
Some possible problems are:
- Missing or unknown request method.
- Missing URL.
- Missing HTTP Identifier (HTTP/1.0).
- Request is too large.
- Content-Length missing for POST or PUT requests.
- Illegal character in hostname; underscores are not allowed.
- HTTP/1.1 feature is being asked from an HTTP/1.0 software.
Can I determine which of the above is actually causing failures?
Increasing debug level to 9 in squid config hasn't resulted in any more
info being logged :(
Cheers,
Adam
On 24/04/2020 16:57, Amos Jeffries wrote:
> On 25/04/20 3:46 am, Adam Weremczuk wrote:
>> Hi all,
>>
>> I run squid-3.5.27_3 on pfSense 2.4.4 as well as in house Sugar CRM server.
>>
>> Recently Sugar license validation and updates checks made to
>> https://updates.sugarcrm.com/heartbeat/soap.php started failing (no
>> changes made at our end).
>>
>> In squid logs requests only produce 2 lines:
>>
>> 1587737506.670 0 192.168.5.30 TAG_NONE/400 4360 NONE
>> error:invalid-request - HIER_NONE/- text/html
>> 1587737506.978 301 192.168.5.30 TCP_MISS/301 464 POST
>> http://updates.sugarcrm.com/heartbeat/soap.php -
>> HIER_DIRECT/54.177.58.238 text/html
>>
>> It looks like client error followed by a redirection to http.
>>
>> Direct requests (no web proxy) as well as telnet, wget and curl work fine.
>>
>> Could somebody explain what exactly the errors mean and why the requests
>> fail?
>>
> It means the client delivered some bytes which do not in any way conform
> to HTTP request syntax. Not even similar.
>
> The best thing to do is to get a full-packet capture and investigate
> with wireshark what is going on.
>
>
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list