[squid-users] squid+ssl and CPU load 100%
Amos Jeffries
squid3 at treenet.co.nz
Fri Jan 1 23:09:26 UTC 2016
On 2016-01-01 07:06, Lucas Castro wrote:
> On 31-12-2015 15:00, Alex Rousskov wrote:
>> On 12/31/2015 10:58 AM, lucas castro wrote:
>>> I have squid
>>> Squid Cache: Version 3.5.7
>>>
>>> I don't know how to ask about this,
>>> But I'm getting 100% load and squid don't accept connection anymore,
>>> my cache.log show me this.
>>>
>>> 2015/12/31 14:27:15.869 kid2| bio.cc(942) parseV3ServerHello: TLS
>>> Extension: 0 of size:0
>>> 2015/12/31 14:27:15.869 kid2| bio.cc(942) parseV3ServerHello: TLS
>>> Extension: 0 of size:0
>>> 2015/12/31 14:27:15.866 kid1| bio.cc(942) parseV3ServerHello: TLS
>>> Extension: 0 of size:0
>>>
>>> Someone has any idea what's happening?
>> IIRC, this is an SSL parsing bug in older Squids. Sorry, I do not have
>> a
>> reference. If you are using SslBump, you should upgrade to the latest
>> v3.5 (at least).
>>
>> Alex.
> I'm already using squid 3.5.7.
Which is already 5 months outdated. TLS and SSL related things are
changing on an almost weekly basis, even in the stable/production
version.
> I'll try to upgrade to 3.5.12.
> I was look for this, but didn't find anything, do you have some link
> about this?
Yes:
<http://www.squid-cache.org/Advisories/SQUID-2015_3.txt>
<http://lists.squid-cache.org/pipermail/squid-announce/2015-September/000027.html>
"crash or high CPU usage".
Amos
More information about the squid-users
mailing list