From: Christos Tsantilas <chtsanti@users.sourceforge.net>
Date: Sat, 13 Feb 2016 05:44:58 +0000 (+1300)
Subject: Bug 4437: Fix Segfault on Certain SSL Handshake Errors
X-Git-Tag: SQUID_4_0_6~7
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4e6462875a9159b3a71f39914602593bbd466168;p=thirdparty%2Fsquid.git

Bug 4437: Fix Segfault on Certain SSL Handshake Errors

Squid after an unsuccesfull try to connect to the remote server may make two
concurrent retries to connect to the remote SSL server, calling twice the
FwdState::retryOrBail() method, which may result to unexpected behaviour.

Prevent this by just closing the connection to the remote SSL server inside
FwdState::connectedToPeer method on error and instead of calling the
FwdState::retryOrBail method, just allow comm_close handler to retry the
connection if required.

  This is a Measurement Factory project
---

diff --git a/src/FwdState.cc b/src/FwdState.cc
index 004097e787..e21b697236 100644
--- a/src/FwdState.cc
+++ b/src/FwdState.cc
@@ -729,7 +729,7 @@ FwdState::connectedToPeer(Security::EncryptorAnswer &answer)
         answer.error.clear(); // preserve error for errorSendComplete()
         if (CachePeer *p = serverConnection()->getPeer())
             peerConnectFailed(p);
-        retryOrBail();
+        serverConnection()->close();
         return;
     }