Squid 4.0.19 SSLBump Crashes

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Squid 4.0.19 SSLBump Crashes

Deniz Eren-2
Hi,

I'm testing squid squid-4.0.19-20170508-r15031 when I enable ssl-bump
in intercept mode, after couple of SSL requests squid crashes in
"Parser::BinaryTokenizer::want(unsigned long long, char const*) const
()" function.

OS: CentOS 5
OpenSSL: 1.0.1e-51
g++: 4.8.2-15

I have attached part of debug log,core stack trace and squid.conf.(I
have migrated from 3.5, so there might be non-correct parts in my
squid.conf)

Does something wrong with my compilation or squid.conf; how can I
debug this issue.

Regards,

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users

core_bt.txt (2K) Download Attachment
log.txt (38K) Download Attachment
squid.conf (6K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Squid 4.0.19 SSLBump Crashes

Alex Rousskov
On 05/10/2017 08:32 AM, Deniz Eren wrote:

> I'm testing squid squid-4.0.19-20170508-r15031 when I enable ssl-bump
> in intercept mode, after couple of SSL requests squid crashes


You have discovered one or two Squid bugs:

* Squid should handle exceptions when parsing SSL (without crashing);
* Squid must parse valid SSL (without throwing an exception).

To improve your chances of getting the bugs fixed, I recommend filing a
bug report in Bugzilla and attaching compressed whole-packet
to-and-from-Squid capture, captured while reproducing the problem (as
well as all the other artifacts you have provided, but updated to match
the packet capture).

If you can also test v5, please do so.


Thank you,

Alex.

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users