Alex Rousskov wrote:
On 06/26/2009 01:02 AM, Amos Jeffries wrote:
------------------------------------------------------------
revno: 9766
committer: Amos Jeffries <squ...@treenet.co.nz>
branch nick: 3.HEAD
timestamp: Fri 2009-06-26 19:02:45 +1200
message:
Bug 2674: Remove limit on HTTP headers read.
Headers may be accumulated over more than one read. It does not make
sense to limit the internal copy of the accumulated read buffer to 64KB.
Reverts the internal read buffer to MemBuf defaults. This may cause
issues where headers are of unbounded size. But those are expected to be
caught by the header parser.
modified:
src/http.cc
Hi Amos,
FYI: I have seen Squid crash if request header size limit is set to
"none" or a large value in squid.conf. There were several problems
leading to those crashes, some of them having to do with header
field->string conversions (String size limits are about 64K). Perhaps
things changed in v3.1, but in v3.0 the header parser was not catching
or could not catch all of the corner cases.
One of the test cases is a forwarding loop with unlimited X-Forward-For
growth.
I am not saying the changes should be reverted. Just want to share the
above info in case you start seeing crashes on large headers.
HTH,
Alex.
Ouch. Okay. Thank you.
Definitely no back-porting of this then. Not even to 3.1 since the
string fixups were Kinkies work intended for 3.2 when you have time to
audit the sringng patch.
There is still a MemBuf limit in affect here. It's just the 1GB one now
instead of 64KB.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE16
Current Beta Squid 3.1.0.9
