[squid-users] Reverse Proxy HTTPS POST Problem from dweimer on 2013-02-08 (squid-users)

From: dweimer <dweimer_at_dweimer.net>
Date: Fri, 08 Feb 2013 14:10:55 -0600

I know I have brought this up in the past, but I still haven't fixed
it. I have duplicated the problem in FreeBSD 9.1, 9.0, 8.3 with Squid
3.1.23, 3.2.6, 3.2.7. With such consistency, that I can't successfully
create a working setup without the problem. I have gone down to as
basic of a configuration as I can with the only options changed form
defaults are the ones need to create a reverse proxy with https, instead
of the default forward proxy setup.

I have however discovered, that no matter what the setup, some files
will work, some fail to upload, I can't discover what the difference is
between working and non working files. I have even searched for
patterns, such as is the size divisible by 4, 8 any combination of
numbers, doesn't seem to reveal a pattern. One image will upload,
another will not, one text file will work another will not, one
executable will another will not... If you delete the ones that
succeeded from the server (yes I have verified once successful that the
file is actually still a valid file), you can repeat the process, the
same files will succeed and the same ones will fail again.

I did however finally discover one thing today, when you upload the
file, the browser always does its little sending thing, then if its
going to fail it just sits there waiting for around 5 minutes, before
failing. Squid logs it as successful, but the file never gets posted to
the backend. Debugging early shows me that Squid is still waiting for
an EOF from the client, then after the long period just goes on.

I did discover today, however that while the browser is sitting there
waiting, if you either hit your back button, or stop the browser rather
than waiting on the timeout. The file gets submitted to the back end
and is uploaded as if nothing went wrong. I was hoping that this
information could possibly help someone figure out whats causing the
issue. Going to get debugging back on and see if the stop from the
client side actually triggers something in the squid logs that's useful.

-- 
Thanks,
    Dean E. Weimer
    http://www.dweimer.net/

Received on Fri Feb 08 2013 - 20:11:03 MST

This archive was generated by hypermail 2.2.0 : Sat Feb 09 2013 - 12:00:04 MST