Hello, I've got a situation where two quasi-simultaneaous incoming client HTTP requests for the same URL (for ~2 MB large file) seem to be merged as one upstream request.
One of the clients isn't reading the answer from squid, so its receive window fills up. Then the send buffer on squid for that connection fills up as well. Fine except that it seems to block the other connection (which has an empty receive buffer on the client and empty send buffer on the squid machine). We see the upstream connection receive buffer filling up until it all deadlocks. To get out of that, all we can do is close the bogus connection for the other one and the upstream one to start flowing again. In my case, it's on the same machine (some bogus software that does two identical requests, only reads the headers from the first one, and reads everything (but hangs because of that squid bug/limitation) on the second. I don't know if the same may happen with different clients. That would be a DOS vulnerability as one client may cause a connection from another client to hang by doing the same request at the same time. It is a 3.1.20 (debian wheezy amd64) in a transparent proxy configuration (TPROXY). I can come up with some perl code to reproduce the issue if that may help. Is that some known issue? Would there be a workaround (like disabling the merging of requests)? Thanks, Stephane
