Bug 4437: Fix Segfault on Certain SSL Handshake Errors

Squid after an unsuccesfull try to connect to the remote server may make two
concurrent retries to connect to the remote SSL server, calling twice the
FwdState::retryOrBail() method, which may result to unexpected behaviour.

Prevent this by just closing the connection to the remote SSL server inside
FwdState::connectedToPeer method on error and instead of calling the
FwdState::retryOrBail method, just allow comm_close handler to retry the
connection if required.

  This is a Measurement Factory project

diff --git a/src/FwdState.cc b/src/FwdState.cc
index 004097e787ed2ed449613b2bcfb2521a3970c787..e21b69723634e9e6d723d0cbd28fa3edd36e69cc 100644 (file)
--- a/src/FwdState.cc
+++ b/src/FwdState.cc
@@ -729,7 +729,7 @@ FwdState::connectedToPeer(Security::EncryptorAnswer &answer)
         answer.error.clear(); // preserve error for errorSendComplete()
         if (CachePeer *p = serverConnection()->getPeer())
             peerConnectFailed(p);
-        retryOrBail();
+        serverConnection()->close();
         return;
     }