From: Christos Tsantilas <chtsanti@users.sourceforge.net>
Date: Wed, 3 Jun 2015 10:42:08 +0000 (+0300)
Subject: Fix Squid Assertion comm.cc:759: "Comm::IsConnOpen(conn)"
X-Git-Tag: merge-candidate-3-v1~93
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b418d9c8cb5ea7b4cac2c7c4dd38c3075a1ad794;p=thirdparty%2Fsquid.git

Fix Squid Assertion comm.cc:759: "Comm::IsConnOpen(conn)"

This is a squid Assertion inside ConnStateData::getSslContextDone while setting timeout. The reason is that the ConnStateData::clientConnection connection may
closed while waiting response from ssl_crtd helper.

This is a Measurement Factory project
---

diff --git a/src/client_side.cc b/src/client_side.cc
index 8ba88387c5..b860b64d59 100644
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -3816,6 +3816,11 @@ ConnStateData::sslCrtdHandleReplyWrapper(void *data, const Helper::Reply &reply)
 void
 ConnStateData::sslCrtdHandleReply(const Helper::Reply &reply)
 {
+    if (!isOpen()) {
+        debugs(33, 3, "Connection gone while waiting for ssl_crtd helper reply; helper reply:" << reply);
+        return;
+    }
+
     if (reply.result == Helper::BrokenHelper) {
         debugs(33, 5, HERE << "Certificate for " << sslConnectHostOrIp << " cannot be generated. ssl_crtd response: " << reply);
     } else if (!reply.other().hasContent()) {
diff --git a/src/ssl/support.cc b/src/ssl/support.cc
index bec1ddb82e..c8a161bb20 100644
--- a/src/ssl/support.cc
+++ b/src/ssl/support.cc
@@ -1606,6 +1606,11 @@ bool Ssl::generateUntrustedCert(X509_Pointer &untrustedCert, EVP_PKEY_Pointer &u
 SSL *
 SslCreate(SSL_CTX *sslContext, const int fd, Ssl::Bio::Type type, const char *squidCtx)
 {
+    if (fd < 0) {
+        debugs(83, DBG_IMPORTANT, "Gone connection");
+        return NULL;
+    }
+
     const char *errAction = NULL;
     int errCode = 0;
     if (SSL *ssl = SSL_new(sslContext)) {