------------------------------------------------------------ revno: 13417 revision-id: chtsanti@users.sourceforge.net-20140521062938-2d24zaj2tgde0jqs parent: squid3@treenet.co.nz-20140520170856-9vgj5ney1zuqxsfa committer: Christos Tsantilas branch nick: trunk timestamp: Wed 2014-05-21 09:29:38 +0300 message: "ssl_bump none" mode crashes squid After r13324 patch the SBuf argument of the ConnStateData::handleReadData member is used only to check if ConnStateData::In::buf is correctly filled with read data. ConnStateData::handleReadData considers that the data already written in ConnStateData::in.buf and checks if the passed Sbuf argument is the ConnStateData::in.buf: bool ConnStateData::handleReadData(SBuf *buf) { assert(buf == &in.buf); ..... The httpsSslBumpAccessCheckDone function needs to write the CONNECT request generated internally to force tunnel mode, in ConnStateData::In::buf and then call ConnStateData::handleReadData method. ------------------------------------------------------------ # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: chtsanti@users.sourceforge.net-20140521062938-\ # 2d24zaj2tgde0jqs # target_branch: http://bzr.squid-cache.org/bzr/squid3/trunk/ # testament_sha1: a8df60bd7d6914c291ac90ee2513fb6a1546ff85 # timestamp: 2014-05-21 06:53:56 +0000 # source_branch: http://bzr.squid-cache.org/bzr/squid3/trunk/ # base_revision_id: squid3@treenet.co.nz-20140520170856-\ # 9vgj5ney1zuqxsfa # # Begin patch === modified file 'src/client_side.cc' --- src/client_side.cc 2014-04-27 07:59:17 +0000 +++ src/client_side.cc 2014-05-21 06:29:38 +0000 @@ -3631,9 +3631,8 @@ // fake a CONNECT request to force connState to tunnel static char ip[MAX_IPSTRLEN]; connState->clientConnection->local.toUrl(ip, sizeof(ip)); - SBuf reqStr; - reqStr.append("CONNECT ").append(ip).append(" HTTP/1.1\r\nHost: ").append(ip).append("\r\n\r\n"); - bool ret = connState->handleReadData(&reqStr); + connState->in.buf.append("CONNECT ").append(ip).append(" HTTP/1.1\r\nHost: ").append(ip).append("\r\n\r\n"); + bool ret = connState->handleReadData(&connState->in.buf); if (ret) ret = connState->clientParseRequests();