Squid caching broken responses

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Squid caching broken responses

tomsl
This post was updated on .
I have an odd issue running squid 4.2 as a reverse proxy in front of
rackspace cloudfiles. For some reason, something went wrong when the request
was made initially and squid has cached a broken response. The headers
returned by squid are as follows:

HTTP/1.1 200 OK
Accept-Ranges: bytes
Last-Modified: Tue, 20 Aug 2019 10:30:08 GMT
ETag: 9295f2e13cde446a4c6812163840f908
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Mon, 02 Dec 2019 10:41:17 GMT
Age: 167529
Warning: 113 squid/4.2 "This cache hit is still fresh and more than 1 day
old"
X-Cache: HIT from qa-stat-prox
X-Cache-Lookup: HIT from qa-stat-prox:80
Connection: keep-alive
Access-Control-Allow-Origin: *

----------------------------------------

When disabling the cache, the correct headers returned for this particular
file are:

HTTP/1.1 200 OK
Content-Length: 28272
Accept-Ranges: bytes
Last-Modified: Tue, 20 Aug 2019 10:30:08 GMT
ETag: 9295f2e13cde446a4c6812163840f908
Content-Type: image/jpeg
Date: Wed, 04 Dec 2019 09:20:44 GMT
X-Cache: MISS from qa-stat-prox
X-Cache-Lookup: MISS from qa-stat-prox:80
Connection: keep-alive
Access-Control-Allow-Origin: *

Is there a way I can stop it from caching the "broken" responses? In the above example it is an image, and when using fiddler, the top part of the image appears in the response. It happens for multiple files.




--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Squid caching broken responses

Amos Jeffries
Administrator
On 4/12/19 11:29 pm, tomsl wrote:
> I have an odd issue running squid 4.2 as a reverse proxy in front of

Please upgrade. Current Squid-4 release is 4.9 and there are quite a few
very major security issues and bugs resolved since 4.2. Some of which
are related to cache corruption.


>
> Is there a way I can stop it from caching the "broken" responses?
>

Define "broken". There is nothing in the initial HTTP response to
indicate anything broken about it. So there is no reason for Squid not
to cache, in fact the object says it *can* be cached for an indefinite
amount of time.


If you know what URL these responses are for you can do:

  squidclient -H 'Cache-Control:no-cache\n' $URL

which requires Squid to fetch a clean copy.


Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Squid caching broken responses

tomsl
>Please upgrade. Current Squid-4 release is 4.9 and there are quite a few
>very major security issues and bugs resolved since 4.2. Some of which
>are related to cache corruption.

I have tried using squid 4.9, however am having an issue with the url
rewriter I am using to translate the urls into rackspace servicenet
requests. Squid terminates with the error:

2019/12/05 11:12:23 kid1| Squid Cache (Version 4.9): Terminated abnormally.
2019/12/05 11:12:23 kid1| ipcCreate: /etc/squid/urlrewrite.pl: (2) No such
file or directory
2019/12/05 11:12:23 kid1| ipcCreate: /etc/squid/urlrewrite.pl: (2) No such
file or directory

I don't understand why as the file is definitely there and has very loose
permissions (at the moment!).



--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Squid caching broken responses

Amos Jeffries
Administrator
On 6/12/19 12:23 am, tomsl wrote:

>> Please upgrade. Current Squid-4 release is 4.9 and there are quite a few
>> very major security issues and bugs resolved since 4.2. Some of which
>> are related to cache corruption.
>
> I have tried using squid 4.9, however am having an issue with the url
> rewriter I am using to translate the urls into rackspace servicenet
> requests. Squid terminates with the error:
>
> 2019/12/05 11:12:23 kid1| Squid Cache (Version 4.9): Terminated abnormally.
> 2019/12/05 11:12:23 kid1| ipcCreate: /etc/squid/urlrewrite.pl: (2) No such
> file or directory
> 2019/12/05 11:12:23 kid1| ipcCreate: /etc/squid/urlrewrite.pl: (2) No such
> file or directory
>
> I don't understand why as the file is definitely there and has very loose
> permissions (at the moment!).

That is very odd. Was it in that location and working before with the
same permissions?

If there is AppArmour or SELinux on the machine their permissions for
that location/file may need updating as well.


Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Squid caching broken responses

tomsl
I was able to get it working by making the squid user the owner of the file.

The upgraded squid server, however, still seems to be an issue some files
returned by the cache, as some appear complete yet have a Content-Length
value of 0, so they don't work. At this point I am thinking that the fault
here is with Rackspace servicenet/cloudfiles and not with squid, as the
issue did not happen when using the CDN. Unfortunately, the CDN costs money.



--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users