Re: [squid-users] Problem downloading file from catalog.update.microsoft.com and MS BITS(Background Intelligent Transfer Service) from Amos Jeffries on 2011-07-25 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 26 Jul 2011 17:09:02 +1200

On 25/07/11 23:34, guest01 wrote:
> Hi guys,
>
> I have a problem with site catalog.update.microsoft.com and MS BITS
> (Background Intelligent Transfer Service) Squid 3.1.12. Squid 3.2.0.7
> seems to work without problems.
> Most of my clients use Kerberos authentication and WinXP as client.
> Unfortunately, BITS can only use Basic Authentication. Basically, as
> far as I figured out, BITS is sending an HEAD-request:
>
> Squid 3.1.12:
> HEAD http://download.windowsupdate.com/msdownload/update/software/updt/2011/06/rootsupd_f54752ec63369522f37e545325519ee434cdf439.exe
> HTTP/1.1
> Accept: */*
> Accept-Encoding: identity
> User-Agent: Microsoft BITS/6.7
> Host: download.windowsupdate.com
> Proxy-Connection: Keep-Alive
>
> HTTP/1.0 407 Proxy Authentication Required
> Server: squid/3.1.12
> Mime-Version: 1.0
> Date: Wed, 20 Jul 2011 10:35:24 GMT
> Content-Type: text/html
> Content-Length: 1702
> X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
> Vary: Accept-Language
> Content-Language: en
> Proxy-Authenticate: Negotiate
> Proxy-Authenticate: Basic realm="Proxy"
> X-Cache: MISS from xlsqip03_1
> Via: 1.0 xlsqip03_1 (squid/3.1.12)
> Connection: keep-alive
>
> After that, the client sends an TCP RST and nothing is happening anymore.
>
<snip>
>
> My question now:
> Why is Squid 3.1.12 sending an HTTP/1.0 407 and Squid 3.2.0.7 an
> HTTP/1.1 407?

Because squid-3.1 series is only properly HTTP/1.0 protocol compliant.
Squid-3.2 series supports HTTP/1.1 protocol.

> I could not find any configuration option which could
> explain that behavior and I am not even sure if that's the problem.

It looks like BITS requires HTTP/1.1 support to do auth properly. Though
I can't see anything in those requests which would create that requirement.

The big hint seems to be that it is BITS generating the RST despite
squid saying "Connection: keep-alive". Being a RST instead of FIN it
could be an internal crash or something else going bad inside BITS.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.14
   Beta testers wanted for 3.2.0.10

Received on Tue Jul 26 2011 - 05:09:17 MDT

This archive was generated by hypermail 2.2.0 : Thu Jul 28 2011 - 12:00:03 MDT