[squid-dev] Squid 5.6 leaking memory when peeking for an origin with an invalid certificate
Hamilton Coutinho
hamilton.coutinho at gmail.com
Wed Jan 18 18:46:33 UTC 2023
Hi all,
We are observing what seems to be several objects leaking in the output
mgr:mem, to the tune of 10s of 1000s
of HttpRequest, HttpHeaderEntry, Comm::Connection,
Security::ErrorDetail, cbdata
PeekingPeerConnector (31), etc.
We dumped a core and managed to find some HttpRequest objects and they all
seem to have failed in the same way, with an ERR_SECURE_CONNECT_FAIL
category, for a site that has a certificate signed by a CA authority not
available to squid.
If I would guess, the origin of the problem might be in
Ssl::PeekingPeerConnector::checkForPeekAndSpliceMatched():
if (finalAction == Ssl::bumpTerminate) {
bail(new ErrorState(ERR_SECURE_CONNECT_FAIL, Http::scForbidden,
request.getRaw(), al));
clientConn->close();
clientConn = nullptr;
Wondering if assigning null to clientConn there would be premature.
Any thoughts?
Thanks!
--
Hamilton
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-dev/attachments/20230118/f4f8ced9/attachment.htm>
More information about the squid-dev
mailing list