Build failed in Jenkins: 3.3-matrix » thinkwell #42

From: <noc_at_squid-cache.org>
Date: Fri, 15 Mar 2013 01:26:00 +0100 (CET)

See <http://build.squid-cache.org/job/3.3-matrix/./label=thinkwell/42/changes>

Changes:

[Amos Jeffries] Fix SSL Bump bypass for intercepted traffic

The SSL-bump bypass code on intercepted HTTPS traffic generates a fake
CONNECT request from the original destination IP:port in an attempt to
trigger a TCP tunnel being opened for the un-bumped data to be
transferred over.

The current implementation breaks in two situations:

1) when IPv6 traffic is intercepted

The URL field generated does not account for the additional []
requirements involved when IPv6+port are combined.

The resulting fake requests look like:

CONNECT ::1:443 HTTP/1.1
Host: ::1

... which are both invalid, and will fail to parse. Breaking IPv6 HTTPS
interception bypass.

Resolve this by using Ip::Address::ToURL() function which was created
for the purpose of generating URL hostnames from raw-IP + port with
the bracketing inserted when required.

2) when a non-443 port is being intercepted

The Host: header generated is missing the port and Squid Host: header
validity will reject the outbound

CONNECT 127.0.0.1:8443 HTTP/1.1
Host: 127.0.0.1

... this is an invalid request. Squid is currently ignoring the Host
header. However Squid tunnel.cc does make use of peering and may relay
the fake request Host: to upstream peers where we cannot be so sure what
will happen.

Resolve this issue by re-using the generated IP:port string for both URL
and Host: fields, which preserves teh port in Host: regardless of value.
This also means there is an unnecessary :443 tagged on for most HTTPS
traffic, however the omission of port from the Host: header is only a MAY
and this should not cause any issues.

------------------------------------------
[...truncated 6902 lines...]
Ok.
-n Testing ../../src/neighbors.h ...
Ok.
-n Testing ../../src/pconn.h ...
Ok.
-n Testing ../../src/peer_proxy_negotiate_auth.h ...
Ok.
-n Testing ../../src/peer_sourcehash.h ...
Ok.
-n Testing ../../src/peer_userhash.h ...
Ok.
-n Testing ../../src/protos.h ...
Ok.
-n Testing ../../src/redirect.h ...
Ok.
-n Testing ../../src/refresh.h ...
Ok.
-n Testing ../../src/repl_modules.h ...
Ok.
-n Testing ../../src/send-announce.h ...
Ok.
-n Testing ../../src/snmp_agent.h ...
Ok.
-n Testing ../../src/snmp_core.h ...
Ok.
-n Testing ../../src/stat.h ...
Ok.
-n Testing ../../src/stmem.h ...
Ok.
-n Testing ../../src/store_digest.h ...
Ok.
-n Testing ../../src/store_key_md5.h ...
Ok.
-n Testing ../../src/store_log.h ...
Ok.
-n Testing ../../src/store_rebuild.h ...
Ok.
-n Testing ../../src/store_swapin.h ...
Ok.
-n Testing ../../src/swap_log_op.h ...
Ok.
-n Testing ../../src/tools.h ...
Ok.
-n Testing ../../src/typedefs.h ...
Ok.
-n Testing ../../src/unlinkd.h ...
Ok.
-n Testing ../../src/urn.h ...
Ok.
-n Testing ../../src/wccp.h ...
Ok.
-n Testing ../../src/wccp2.h ...
Ok.
-n Testing ../../src/whois.h ...
Ok.
-n Testing ../../src/win32.h ...
Ok.
-n Testing ../../src/wordlist.h ...
Ok.
-n Testing ../../src/DiskIO/DiskFile.h ...
Ok.
-n Testing ../../src/DiskIO/DiskIOModule.h ...
Ok.
-n Testing ../../src/DiskIO/DiskIOStrategy.h ...
Ok.
-n Testing ../../src/DiskIO/IORequestor.h ...
Ok.
-n Testing ../../src/DiskIO/ReadRequest.h ...
Ok.
-n Testing ../../src/DiskIO/WriteRequest.h ...
Ok.
-n Testing ../../src/DiskIO/AIO/AIODiskFile.h ...
Ok.
-n Testing ../../src/DiskIO/AIO/AIODiskIOModule.h ...
Ok.
-n Testing ../../src/DiskIO/AIO/AIODiskIOStrategy.h ...
Ok.
-n Testing ../../src/DiskIO/AIO/aio_win32.h ...
Ok.
-n Testing ../../src/DiskIO/AIO/async_io.h ...
Ok.
-n Testing ../../src/DiskIO/Blocking/BlockingDiskIOModule.h ...
Ok.
-n Testing ../../src/DiskIO/Blocking/BlockingFile.h ...
Ok.
-n Testing ../../src/DiskIO/Blocking/BlockingIOStrategy.h ...
Ok.
-n Testing ../../src/DiskIO/DiskDaemon/DiskDaemonDiskIOModule.h ...
Ok.
-n Testing ../../src/DiskIO/DiskDaemon/DiskdAction.h ...
Ok.
-n Testing ../../src/DiskIO/DiskDaemon/DiskdFile.h ...
Ok.
-n Testing ../../src/DiskIO/DiskDaemon/DiskdIOStrategy.h ...
Ok.
-n Testing ../../src/DiskIO/DiskDaemon/diomsg.h ...
Ok.
-n Testing ../../src/DiskIO/DiskThreads/CommIO.h ...
Ok.
-n Testing ../../src/DiskIO/DiskThreads/DiskThreads.h ...
Ok.
-n Testing ../../src/DiskIO/DiskThreads/DiskThreadsDiskFile.h ...
Ok.
-n Testing ../../src/DiskIO/DiskThreads/DiskThreadsDiskIOModule.h ...
Ok.
-n Testing ../../src/DiskIO/DiskThreads/DiskThreadsIOStrategy.h ...
Ok.
-n Testing ../../src/DiskIO/IpcIo/IpcIoDiskIOModule.h ...
Ok.
-n Testing ../../src/DiskIO/IpcIo/IpcIoFile.h ...
Ok.
-n Testing ../../src/DiskIO/IpcIo/IpcIoIOStrategy.h ...
Ok.
-n Testing ../../src/DiskIO/Mmapped/MmappedDiskIOModule.h ...
Ok.
-n Testing ../../src/DiskIO/Mmapped/MmappedFile.h ...
Ok.
-n Testing ../../src/DiskIO/Mmapped/MmappedIOStrategy.h ...
Ok.
..
OK (2)
PASS: tests/testACLMaxUserIP
.
OK (1)
PASS: tests/testBoilerplate
..
OK (2)
PASS: tests/testCacheManager
.
OK (1)
PASS: tests/testDiskIO
..Actual Text:
Last event to run: last event

Operation \tNext Execution \tWeight\tCallback Valid?
test event \t0.000 sec\t 0\t N/A
test event2 \t0.000 sec\t 0\t N/A

....
OK (6)
PASS: tests/testEvent
...
OK (3)
PASS: tests/testEventLoop
PASS: tests/test_http_range
.....
OK (5)
PASS: tests/testHttpParser
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
.
OK (1)
PASS: tests/testHttpReply
.............
OK (13)
PASS: tests/testHttpRequest
SKIP: cache_cf.cc operator void* (not implemented).
...........
OK (11)
PASS: tests/testStore
....
OK (4)
PASS: tests/testString
stub time| persistent connection module initialized
..........
OK (10)
PASS: tests/testURL
.
OK (1)
PASS: tests/testConfigParser
...
OK (3)
PASS: tests/testStatHist
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: StatHist.cc enumInit (not implemented).
SKIP: tools.cc UsingSmp (not implemented).
FATAL: fatal.cc required for use of fatalf
.FAIL: tests/testRock
SKIP: cache_cf.cc operator void* (not implemented).
SKIP: stub_store_rebuild.cc storeRebuildComplete (not implemented).
..
OK (2)
PASS: tests/testUfs
PASS: testHeaders
=============================================
1 of 18 tests failed
Please report to http://bugs.squid-cache.org/
=============================================
make[5]: *** [check-TESTS] Error 1
make[4]: *** [check-am] Error 2
make[3]: *** [check-recursive] Error 1
make[2]: *** [check] Error 2
make[1]: *** [check-recursive] Error 1
make: *** [distcheck] Error 1
buildtest.sh result is 2
BUILD: .././test-suite/buildtests/layer-00-default.opts
configure: BUILD LIBRARIES:
configure: BUILD EXTRA LIBRARIES:
configure: BUILD OBJECTS:
configure: BUILD EXTRA OBJECTS:
configure: BUILD C FLAGS: -Wall -g -O2
configure: BUILD EXTRA C FLAGS: -Wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations -Wcomments -Werror -pipe -D_REENTRANT
configure: BUILD C++ FLAGS: -g -O2
configure: BUILD EXTRA C++ FLAGS: -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Werror -pipe -D_REENTRANT
configure: BUILD LIBRARIES:
configure: BUILD EXTRA LIBRARIES:
configure: BUILD OBJECTS:
configure: BUILD EXTRA OBJECTS:
configure: BUILD C FLAGS: -Wall -g -O2
configure: BUILD EXTRA C FLAGS: -Wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations -Wcomments -Werror -pipe -D_REENTRANT
configure: BUILD C++ FLAGS: -g -O2
configure: BUILD EXTRA C++ FLAGS: -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Werror -pipe -D_REENTRANT
.FAIL: tests/testRock
make[5]: *** [check-TESTS] Error 1
make[4]: *** [check-am] Error 2
make[3]: *** [check-recursive] Error 1
make[2]: *** [check] Error 2
make[1]: *** [check-recursive] Error 1
make: *** [distcheck] Error 1
Build FAILED.
Build step 'Execute shell' marked build as failure
Received on Fri Mar 15 2013 - 00:26:06 MDT

This archive was generated by hypermail 2.2.0 : Fri Mar 15 2013 - 12:00:07 MDT