FreeBSD Bugzilla – Attachment 77870 Details for
Bug 112054
[Maintainer] www/squid: add vendor patch for Squid bug #1814
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
file.diff
file.diff (text/plain), 3.75 KB, created by
Thomas-Martin Seck
on 2007-04-23 22:00:11 UTC
(
hide
)
Description:
file.diff
Filename:
MIME Type:
Creator:
Thomas-Martin Seck
Created:
2007-04-23 22:00:11 UTC
Size:
3.75 KB
patch
obsolete
>Index: Makefile >=================================================================== >--- Makefile (.../www/squid) (revision 1152) >+++ Makefile (.../local/squid) (revision 1152) >@@ -76,6 +76,7 @@ > > PORTNAME= squid > PORTVERSION= 2.6.12 >+PORTREVISION= 1 > CATEGORIES= www > MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \ > ftp://ftp.vistech.net/pub/squid/%SUBDIR%/ \ >@@ -279,7 +280,11 @@ > --with-openssl="${OPENSSLBASE}" > CFLAGS+= -I${OPENSSLINC} > LDFLAGS+= -L${OPENSSLLIB} >+.if defined(WITH_SQUID_ICAP) >+IGNORE= is currently broken with both ICAP and SSL support enabled because of conflicting patches. This will be resolved for Squid 2.6.13 > .endif >+EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-changeset_11375 >+.endif > .if defined(WITH_SQUID_PINGER) > CONFIGURE_ARGS+= --enable-icmp > libexec+= pinger >Index: files/extra-patch-changeset_11375 >=================================================================== >--- files/extra-patch-changeset_11375 (.../www/squid) (revision 0) >+++ files/extra-patch-changeset_11375 (.../local/squid) (revision 1152) >@@ -0,0 +1,77 @@ >+--------------------- >+PatchSet 11375 >+Date: 2007/04/17 09:35:17 >+Author: hno >+Branch: SQUID_2_6 >+Tag: (none) >+Log: >+MFC: Bug #1814: SSL memory leak on persistent SSL connections >+ >+Memory leak when attemting to reuse SSL-negotiated outgoing connections. >+ >+Mainly affects reverse proxy setups using SSL-enabled peers. >+ >+Merged changes: >+2007/04/16 23:05:50 hno +8 -6 Bug #1814: SSL memory leak on persistent SSL connections >+ >+Members: >+ src/forward.c:1.120.2.2->1.120.2.3 >+ >+Note: this patchset was slightly modified for the FreeBSD port >+ to make it apply cleanly (one hunk removed, path information stripped) >+ >+Index: squid/src/forward.c >+=================================================================== >+RCS file: /cvsroot/squid/squid/src/forward.c,v >+retrieving revision 1.120.2.2 >+retrieving revision 1.120.2.3 >+diff -u -r1.120.2.2 -r1.120.2.3 >+--- src/forward.c 26 Mar 2007 23:14:09 -0000 1.120.2.2 >++++ src/forward.c 17 Apr 2007 09:35:17 -0000 1.120.2.3 >+@@ -319,6 +319,7 @@ >+ fd_table[fd].ssl = ssl; >+ fd_table[fd].read_method = &ssl_read_method; >+ fd_table[fd].write_method = &ssl_write_method; >++ fd_note(fd, "Negotiating SSL"); >+ fwdNegotiateSSL(fd, fwdState); >+ } >+ #endif >+@@ -357,10 +358,6 @@ >+ comm_close(server_fd); >+ } else { >+ debug(17, 3) ("fwdConnectDone: FD %d: '%s'\n", server_fd, storeUrl(fwdState->entry)); >+- fd_note(server_fd, storeUrl(fwdState->entry)); >+- fd_table[server_fd].uses++; >+- if (fd_table[server_fd].uses == 1 && fs->peer) >+- peerConnectSucceded(fs->peer); >+ #if USE_SSL >+ if ((fs->peer && fs->peer->use_ssl) || >+ (!fs->peer && request->protocol == PROTO_HTTPS)) { >+@@ -535,7 +532,7 @@ >+ hierarchyNote(&fwdState->request->hier, fs->code, fd_table[fd].ipaddr); >+ else >+ hierarchyNote(&fwdState->request->hier, fs->code, name); >+- fwdConnectDone(fd, COMM_OK, fwdState); >++ fwdDispatch(fwdState); >+ return; >+ } else { >+ /* Discard the persistent connection to not cause >+@@ -653,6 +650,7 @@ >+ StoreEntry *entry = fwdState->entry; >+ ErrorState *err; >+ int server_fd = fwdState->server_fd; >++ FwdServer *fs = fwdState->servers; >+ debug(17, 3) ("fwdDispatch: FD %d: Fetching '%s %s'\n", >+ fwdState->client_fd, >+ RequestMethodStr[request->method], >+@@ -667,6 +665,10 @@ >+ assert(entry->ping_status != PING_WAITING); >+ assert(entry->lock_count); >+ EBIT_SET(entry->flags, ENTRY_DISPATCHED); >++ fd_note(server_fd, storeUrl(fwdState->entry)); >++ fd_table[server_fd].uses++; >++ if (fd_table[server_fd].uses == 1 && fs->peer) >++ peerConnectSucceded(fs->peer); >+ netdbPingSite(request->host); >+ entry->mem_obj->refresh_timestamp = squid_curtime; >+ if (fwdState->servers && (p = fwdState->servers->peer)) {
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=77870">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 112054
: 77870