[squid-dev] [PATCH] comm_connect_addr on failures return Comm:OK
Tsantilas Christos
chtsanti at users.sourceforge.net
Fri May 8 15:56:29 UTC 2015
I found the following problem in squid-trunk and squid-3.5:
- Squid calls peer_select to retrieve server destinations addresses
- The peer_select returns two ip addresses, the first is an ipv6
address the second one is an ipv4.
- The FwdState creates a Comm::ConnOpener object which fails to
connect to the first address, but returns Comm:OK.
-The FwdState calls Ssl::PeerConnector, which fails to establish SSL
on a non opened connection, and return an error page to the user.
I am attaching a small patch which fixes the problem.
I believe that this is the problem reported by some users, that the
sslbumping does not work in squid-3.5 and later.
Regards,
Christos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: comm_connec_addr-t2.patch
Type: text/x-patch
Size: 1856 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-dev/attachments/20150508/a6c6143d/attachment.bin>
More information about the squid-dev
mailing list