Bug 150781 - Squid doesn't handle headers split across packets
Summary: Squid doesn't handle headers split across packets
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: squid
Version: 3.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Martin Stransky
QA Contact:
URL: http://www.squid-cache.org/Versions/v...
Whiteboard:
Keywords:
Depends On:
Blocks: 168424
TreeView+ depends on / blocked
 
Reported: 2005-03-10 15:35 UTC by Robert Clark
Modified: 2017-10-27 16:13 UTC (History)
2 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2006-03-15 15:41:54 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2006:0045 qe-ready SHIPPED_LIVE Moderate: squid security update 2006-03-15 05:00:00 UTC

Description Robert Clark 2005-03-10 15:35:52 UTC
This is with squid-2.5.STABLE3-6.3E.8

Squid doesn't cope with HTTP response headers which are split across different
TCP packets.

Observed proxying to http://www.iii.co.uk/
Produces the following error (intermittantly):

2005/03/10 10:59:01| WARNING: unparseable HTTP header field near {: Thu, 10 Mar
2005 10:58:59 GMT
Server: Apache/1.3.22 (Unix) AxKit/1.4_82 mod_perl/1.26 mod_gzip/1.3.19.1a
Vary: X-HOST
Expires: now
Pragma: no-cache
: no-cache,no-store,private
Content-Type: text/html
Content-Encoding: gzip
: 18064
}

The missing parts of the headers are being sent by the origin server but are
lost by squid.

This is a known issue and the patch to fix it is available at:
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-split_headers.patch

I've tested this and it applies cleanly to the current SRPM and fixes the problem.

Comment 4 Martin Stransky 2005-11-15 12:27:47 UTC
The new release-candidate packages for RHEL3/4 are available here:

http://people.redhat.com/stransky/squid/


Comment 7 Red Hat Bugzilla 2006-03-15 15:41:55 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0045.html



Note You need to log in before you can comment on or make changes to this bug.