[squid-dev] Broken trunk after r14735, r14726
Amos Jeffries
squid3 at treenet.co.nz
Sat Jul 16 12:56:14 UTC 2016
On 16/07/2016 7:02 a.m., Alex Rousskov wrote:
> Hello,
>
> There are two more recent changes that broke trunk:
>
> * After r14735 (Replaced TidyPointer with std::unique_ptr), Squid cannot
> start due to an "std::bad_function_call" exception.
>
> * After r14726 (GnuTLS: support for TLS session resume): Squid segfaults
> when attempting to connect to a Secure ICAP service. Official Squid
> v4.0.12 suffers from this bug.
>
> Stack traces from both crashes are quoted at the end of this email.
>
> Please fix these regressions or undo the changes that created or exposed
> them.
>
<snip>
> * segfault when attempting to connect to a Secure ICAP REQMOD service
> (tested with r14726, r14734):
>
Does this patch fix the session issue ?
=== modified file 'src/security/Session.cc'
--- src/security/Session.cc 2016-07-07 19:03:02 +0000
+++ src/security/Session.cc 2016-07-16 12:43:38 +0000
@@ -53,7 +53,7 @@
void
Security::SetSessionResumeData(const Security::SessionPtr &s, const
Security::SessionStatePointer &data)
{
- if (s) {
+ if (data) {
#if USE_OPENSSL
(void)SSL_set_session(s, data.get());
#elif USE_GNUTLS
I'm a little worried about the code calling SetSessionResumeData.
OpenSSL documentation states:
"If there is already a session set inside ssl (because it was set with
SSL_set_session() before or because the same ssl was already used for a
connection), SSL_SESSION_free() will be called for that session."
But our SetSessionResumeData() is called after setting up the sessions
host data, etc. So I'm thinking all that setup in
Ssl::BlindPeerConnector::initializeTls() may be thrown away by the
resume action being called.
Amos
More information about the squid-dev
mailing list