031f48e6bd
handling resulting in denial of service
47 lines
1.9 KiB
Diff
47 lines
1.9 KiB
Diff
------------------------------------------------------------
|
|
revno: 13981
|
|
revision-id: squid3@treenet.co.nz-20160213062427-jz0en4qyajeqpa7x
|
|
parent: squid3@treenet.co.nz-20160212045102-ivwab8s8p2gi32fv
|
|
fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4437
|
|
author: Christos Tsantilas <chtsanti@users.sourceforge.net>
|
|
committer: Amos Jeffries <squid3@treenet.co.nz>
|
|
branch nick: 3.5
|
|
timestamp: Sat 2016-02-13 19:24:27 +1300
|
|
message:
|
|
Bug 4437: Fix Segfault on Certain SSL Handshake Errors
|
|
|
|
Squid after an unsuccesfull try to connect to the remote server may make two
|
|
concurrent retries to connect to the remote SSL server, calling twice the
|
|
FwdState::retryOrBail() method, which may result to unexpected behaviour.
|
|
|
|
Prevent this by just closing the connection to the remote SSL server inside
|
|
FwdState::connectedToPeer method on error and instead of calling the
|
|
FwdState::retryOrBail method, just allow comm_close handler to retry the
|
|
connection if required.
|
|
|
|
This is a Measurement Factory project
|
|
------------------------------------------------------------
|
|
# Bazaar merge directive format 2 (Bazaar 0.90)
|
|
# revision_id: squid3@treenet.co.nz-20160213062427-jz0en4qyajeqpa7x
|
|
# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
|
|
# testament_sha1: f22a644062f4d8c8a13897b396197ea7b44b4231
|
|
# timestamp: 2016-02-13 06:53:09 +0000
|
|
# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
|
|
# base_revision_id: squid3@treenet.co.nz-20160212045102-\
|
|
# ivwab8s8p2gi32fv
|
|
#
|
|
# Begin patch
|
|
=== modified file 'src/FwdState.cc'
|
|
--- src/FwdState.cc 2016-01-31 05:39:09 +0000
|
|
+++ src/FwdState.cc 2016-02-13 06:24:27 +0000
|
|
@@ -719,7 +719,7 @@
|
|
answer.error.clear(); // preserve error for errorSendComplete()
|
|
if (CachePeer *p = serverConnection()->getPeer())
|
|
peerConnectFailed(p);
|
|
- retryOrBail();
|
|
+ serverConnection()->close();
|
|
return;
|
|
}
|
|
|
|
|