Date: Sat, 2 Oct 1999 07:58:58 +1000
From: Phil Homewood
To: freebsd-questions@freebsd.org
Subject: squid, ssl, socks5 and -STABLE
Message-ID: <19991002075858.B32723@mincom.com>

I seem to have found a problem with squid 2.2-STABLE4 running under FreeBSD-3.3-STABLE (cvsupped within the last 36 hours).

The squid host sits behind a firewall (also 3.3-STABLE, last cvsupped a couple of weeks ago) running SOCKS5. I also have a second firewall, same config but still running a 3.2-STABLE; makes no difference which firewall I use.

squid is run under `runsocks' to allow it to transparently see parent caches at our ISP. All requests are passed onto the parents (as well as a sibling inside the firewall) with the exception of https: requests, which go "DIRECT" (translates as "direct via the SOCKS5 proxy" of course.)

Problem: https: requests return no data (zero bytes) to the browser. The cache logs the following error:

sslWriteServer: FD 20: write failure: (35) Resource temporarily unavailable.

It appears a write() at ssl.c:265 is failing with EAGAIN.

It gets weirder, though. If I enable comm debugging in squid.conf (debug_options 5,9) it no longer gets EAGAIN, but rather ENOTSOCK, and reports "socket operation on non-socket" to the browser.

squid.conf and libsocks5.conf available to anyone who asks.

Have I found a buglet in squid, in FreeBSD's socket code, or am I just doing something terminally stupid? (This basic concept has been working fine with squid 1.1.x on Digital Unix, so I see no theoretical reason why I can't do what I want to here...)

Any advice greatly appreciated!
-- 
Phil Homewood DNRC email: philh@mincom.com
Postmaster and BOFH Mincom Pty Ltd phone: +61-7-3303-3524
Brisbane, QLD Australia fax: +61-7-3303-3269