Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1620546

Summary: migration of upstream squid bug 4007
Product: Red Hat Enterprise Linux 7 Reporter: Zeng Yiquan <yzeng>
Component: squidAssignee: Luboš Uhliarik <luhliari>
Status: CLOSED CURRENTRELEASE QA Contact: Maryna Nalbandian <mnalband>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 7.4CC: bnater, dmaley, fkrska, jorton, kwalker, luhliari, msugaya, nobody+bgollahe, pemensik, toneata, whaidinger
Target Milestone: rcKeywords: Patch, Triaged, ZStream
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: squid-3.5.20-13.el7 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1657638 (view as bug list) Environment:
Last Closed: 2019-08-08 09:16:48 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1630907, 1630916, 1654421, 1657638    
Attachments:
Description Flags
test zone for named. none

Description Zeng Yiquan 2018-08-23 07:03:03 UTC 
Description of problem:

cu ask when will we can FIX the the upstream squid bug 4007 on our system.
https://bugs.squid-cache.org/show_bug.cgi?id=4007

Version-Release number of selected component (if applicable):

squid-3.5.20-10.el7

How reproducible:

Due to the squid bug there're a log of CLOSE_WAIT connection on RHEL server.

Steps to Reproduce:

1.  -bash-4.2$ telnet localhost 8080
  Trying ::1...
  Connected to localhost.
  Escape character is '^]'.
  connect www.XXXXXXXX.com:443 http/1.0

  ^]
  telnet> quit

TCP connection state transition

2. telnet->connect
  # netstat -natp
  tcp6 0 0 ::1:8080  ::1:4285     ESTABLISHED -
  tcp6 0 0 ::1:4285  ::1:8080     ESTABLISHED 15472/telnet

3. After telnet quit
  # netstat -natp
  tcp6 1 0 ::1:8080  ::1:4285     CLOSE_WAIT  -

  $ /usr/bin/squidclient -p 8080 mgr:active_requests
  ~omit~
  Connection: 0x565477e1ee28
          FD 33, read 46, wrote 0
          FD desc: Reading next request
          in: buf 0x56547877c640, used 0, free 39
          remote: [::1]:4285
          local: [::1]:8080
          nrequests: 1
  uri www.XXXXXXXX.com:443
  logType TAG_NONE
  out.offset 0, out.size 0
  req_sz 46
  entry (nil)/N/A
  start 1534921819.179745 (707.093529 seconds ago)
  username -
  delay_pool 0

Actual results:

even the telnet was quit and the TCP connection is not CLOSE become CLOSE_WAIT

Expected results:

After the telnet was quit and the connection become COLSE

Additional info:
Comment 3 Walter Haidinger 2018-08-31 10:20:44 UTC 
Seconded, we've also had a incident where the client ran into ephemeral port exhaustion.
Comment 9 Zeng Yiquan 2018-11-20 06:18:47 UTC 
Customer said this bug fix on RHEL7.7 is to long and hope we can offer a squid hot fix for RHEL7as soon as possible due this bug was fixed on upstream.

Type of Fix: Z/EUS

I have changed the Internal Status to Waiting on PM few days,But no respose, whether is there anything I was missing?
Comment 21 Petr Menšík 2018-12-13 14:51:57 UTC 
Created attachment 1514087 [details]
test zone for named.

To help reproduce this issue:

Install bind package, append to /etc/named.conf following:

zone "cname" {
                type master;
                file "cname.test";
        };

Save this attachment as /var/named/cname.test

systemctl restart named

Then change /etc/resolv.conf to 127.0.0.1

Hostname cname.cname. would have CNAME without address, as is this required. Use dig -t A cname.cname to verify it.

Note: This will change DNS resolving of system, any reporting to network would not work until original nameservers are used in /etc/resolv.conf.
Comment 24 Zeng Yiquan 2019-03-13 02:31:37 UTC 
Now this bug was fixed in squid-3.5.20-12.el7_6.1 shipped with 7.6.Z Stream, But the cu who without EUS subscription ask when can release on standard version. It there any comment? thank you.
Comment 25 Branislav Náter 2019-03-26 13:07:06 UTC 
When we do fix in 7.6 z-stream, packages are also pushed to y-stream repos. squid-3.5.20-12.el7_6.1 is already available to customers subscribed to regular (y-stream) repos.