Re: Squid 3.1 TPROXY bugs and backtrace.

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 04 Jun 2008 00:40:04 +1200

Thank you.

I've just had a few more emails with Laszlo from Balabit about this.

 From Laszlo:
"
I fixed it and tested it. I added a new patch to the tproxy patchset
(and published it for kernel v2.6.24), so no change of the squid source
is necessary.

The IP is spoofed despite the getsockopt failed.
"

It looks like these were mostly due to the incompleteness of the Balabit
kernel patch. With some incorrect 'failure' messages even when things
had not failed.

I've checked and the new patch is public for testing already. Dated
kernel-2.6.24-20080602 which should show less errors. No changes to
squid 3-HEAD with that.

I think at this point we had best consider the results to date as
obsolete, re-test, and see what shows up for you with the new kernel,
iptables, and squid builds.

Amos

Anton V.G. wrote:
> Hi Amos,
> The backtrace is below.
>
> ---------- Forwarded Message ----------
>
> Subject: Re: Squid 3.1 TPROXY bugs
> Date: Wednesday 21 May 2008 01:04
> From: "Anton VG" <anton.vazir_at_gmail.com>
> To: "Amos Jeffries" <squid3_at_treenet.co.nz>
> Cc: "Anton V.G." <anton_at_eastera.tj>, squid-dev_at_squid-cache.org
>
> Here is the backtrace, and below it the cache.log part
>
> New Thread -1246504016 (LWP 32075)]
> [New Thread -1246770256 (LWP 32076)]
> [New Thread -1247036496 (LWP 32077)]
>
> Program received signal SIGABRT, Aborted.
> [Switching to Thread -1211254112 (LWP 32004)]
> 0xffffe410 in __kernel_vsyscall ()
> #0 0xffffe410 in __kernel_vsyscall ()
> #1 0xb7d04811 in raise () from /lib/tls/i686/cmov/libc.so.6 #2 0xb7d05fb9 in abort ()
> from /lib/tls/i686/cmov/libc.so.6 #3 0x080f3149 in xassert (msg=0x820ce63
> "!fd_table[fd].flags.closing", file=0x820ccd7 "comm.cc",
> line=339) at debug.cc:577
> #4 0x0819644e in comm_read (fd=411, buf=0xb58bc008
> "\n\n__url=http%3A%2F%2Fletitbit.net%2Fdownload%2F71e546581
> 713%2FMiniPE.part3.rar.html&fu__submit=%CF%EE%EB%F3%F7%E8%F
> 2%FC+%EF%F0%FF%EC%F3%FE\r\n", size=4095,
> callback=@0xbfe6784c) at comm.cc:339
> #5 0x080dd4d8 in ConnStateData::readSomeData
> (this=0x88780d8) at client_side.cc:214
> #6 0x080debbb in ConnStateData::clientMaybeReadData
> (this=0x88780d8, do_next_read=1) at client_side.cc:2145
> #7 0x080decc6 in ConnStateData::clientAfterReadingRequests
> (this=0x88780d8, do_next_read=1) at client_side.cc:2167
> #8 0x080df19b in ConnStateData::clientReadRequest
> (this=0x88780d8, io=@0x8c89c40) at client_side.cc:2557
> #9 0x080e0a05 in CommCbMemFunT<ConnStateData,
> CommIoCbParams>::doDial (this=0x8c89c34) at
> CommCalls.h:140
> #10 0x081a3320 in JobDialer::dial (this=0x8c89c34,
> call=@0x8c89c18) at ICAP/AsyncJob.cc:213
> #11 0x080e1f47 in AsyncCallT<CommCbMemFunT<ConnStateData,
> CommIoCbParams> >::fire (this=0x8c89c18) at AsyncCall.h:127
> #12 0x080c1c62 in AsyncCall::make (this=0x8c89c18) at
> AsyncCall.cc:34 #13 0x080c1510 in AsyncCallQueue::fireNext
> (this=0x8426ba8) at AsyncCallQueue.cc:53
> #14 0x080c15f7 in AsyncCallQueue::fire (this=0x8426ba8) at
> AsyncCallQueue.cc:39 #15 0x080fd5fb in
> EventLoop::dispatchCalls (this=0xbfe67ae4) at
> EventLoop.cc:154 #16 0x080fd8af in EventLoop::runOnce
> (this=0xbfe67ae4) at EventLoop.cc:131 #17 0x080fd984 in
> EventLoop::run (this=0xbfe67ae4) at EventLoop.cc:95 #18
> 0x08149c4f in main (argc=4, argv=0xbfe67bb4) at
> main.cc:1382 (gdb)
> (gdb)
> (gdb)
>
>
> ---- cache log
>
> 2008/05/21 01:01:49.753| client_side_request.cc(123)
> ClientRequestContext: 0x8641e68 ClientRequestContext
> constructed 2008/05/21 01:01:49.753| The request POST
> http://exnews.org/direct/getlink.php is ALLOWED, because it
> matched 'our_networks'
> 2008/05/21 01:01:49.753| clientInterpretRequestHeaders:
> REQ_NOCACHE = NOT SET 2008/05/21 01:01:49.753|
> clientInterpretRequestHeaders: REQ_CACHABLE = NOT SET
> 2008/05/21 01:01:49.753| clientInterpretRequestHeaders:
> REQ_HIERARCHICAL = NOT SET
> 2008/05/21 01:01:49.753| client_side_request.cc(114)
> ~ClientRequestContext: 0x8641e68 ClientRequestContext
> destructed 2008/05/21 01:01:49.753| clientProcessRequest:
> POST 'http://exnews.org/direct/getlink.php'
> 2008/05/21 01:01:49.753| ClientHttpRequest::httpStart: NONE
> for 'http://exnews.org/direct/getlink.php'
> 2008/05/21 01:01:49.753| clientProcessRequest2: storeGet()
> MISS 2008/05/21 01:01:49.753| assertion failed:
> comm.cc:339: "!fd_table[fd].flags.closing"
>
> !DSPAM:48332ecc7303941283316!
>
> -------------------------------------------------------

-- 
Please use Squid 2.7.STABLE1 or 3.0.STABLE6
Received on Tue Jun 03 2008 - 12:40:03 MDT

This archive was generated by hypermail 2.2.0 : Wed Jun 04 2008 - 12:00:02 MDT