Ubuntu
squid package

  1. Mantic (23.10)
  2. Bug #2018472
  3. Comment #5

Comment 5 for bug 2018472

Revision history for this message
Vladimir (pvb2023) wrote :

- my network in which squid 192.168.0.0/16 is located
- squid address 192.168.55.35
- luproxy - test user
My minimal squid.conf to reproduce the problem. ACL my_localnet is clearly NOT my network.
--- squid.conf ---
acl my_localnet src 10.1.0.0/16
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/private/USERS.internet_plain
acl AuthorizedUsers proxy_auth REQUIRED
http_access allow my_localnet AuthorizedUsers
http_access deny all
acl users_unlim proxy_auth luproxy
# Delay pools
delay_pools 1
delay_class 1 1
delay_parameters 1 1024/1024
delay_access 1 allow users_unlim
delay_access 1 deny all

Eexecuting curl from a neighboring machine will return
$ curl -vvvv -x luproxy:nci8uFuin@192.168.55.35:3128 example.com
* Rebuilt URL to: example.com/
* Trying 192.168.55.35...
* TCP_NODELAY set
* Connected to 192.168.55.35 (192.168.55.35) port 3128 (#0)
* Proxy auth using Basic with user 'luproxy'
> GET http://example.com/ HTTP/1.1
> Host: example.com
> Proxy-Authorization: Basic bHVwcm94eTpuY2k4dUZ1aW4=
> User-Agent: curl/7.58.0
> Accept: */*
> Proxy-Connection: Keep-Alive
>
 * Empty reply from server
* Connection #0 to host 192.168.55.35 left intact
curl: (52) Empty reply from server

On the squid machine, we observe a crash
# tail /var/log/apport.log
ERROR: apport (pid 2511534) Sat May 13 20:10:04 2023: called for pid 2511531, signal 11, core limit 0, dump mode 1
ERROR: apport (pid 2511534) Sat May 13 20:10:04 2023: executable: /usr/sbin/squid (command line "(squid-1) --kid squid-1 --foreground -sYC")
ERROR: apport (pid 2511534) Sat May 13 20:10:04 2023: is_closing_session(): no DBUS_SESSION_BUS_ADDRESS in environment
ERROR: apport (pid 2511534) Sat May 13 20:10:04 2023: wrote report /var/crash/_usr_sbin_squid.13.crash

If you specify my network in squid.conf ACL my_localnet or comment out the line "delay_access 1 allow users_unlim", squid executes the request successfully.

#acl my_localnet src 10.1.0.0/16
acl my_localnet src 192.168.0.0/16
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/private/USERS.internet_plain
acl AuthorizedUsers proxy_auth REQUIRED
http_access allow my_localnet AuthorizedUsers
http_access deny all
acl users_unlim proxy_auth luproxy
# Delay pools
delay_pools 1
delay_class 1 1
delay_parameters 1 1024/1024
#delay_access 1 allow users_unlim
delay_access 1 deny all