> From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] > Sent: Tuesday, August 10, 2010 6:48 PM > To: Alan Lehman > Cc: squid-users@xxxxxxxxxxxxxxx > Subject: RE: possible SOAP problem with 3.1.4 > > On Tue, 10 Aug 2010 09:14:05 -0500, "Alan Lehman" <alehman@xxxxxxxxxxx> > wrote: > >> >> From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] > >> >> Sent: Sunday, July 11, 2010 1:55 AM > >> >> To: squid-users@xxxxxxxxxxxxxxx > >> >> Subject: Re: possible SOAP problem with 3.1.4 > >> >> > >> >> Alan Lehman wrote: > >> >>> We have particular application software license server for our > >> office > >> >>> that is located behind a Squid proxy. It stopped working after > >> >> upgrading > >> >>> Squid from 3.1.0.17 to 3.1.4. This server periodically goes to > the > >> >>> software company's web site to verify the license is valid and > >> upload > >> >>> user counts, etc. It appears to be some sort of SOAP > application. > >> The > >> >>> license server runs on a Windows server. From access.log: > >> >>> > >> >>> Running 3.1.0.17 (succeeds) - > >> >>> 1278609155.802 470 172.16.4.43 TCP_MISS/200 725 POST > >> >>> http://selectserver.bentley.com/bss/ws/Misc.asmx - > >> >> DIRECT/64.90.235.78 > >> >>> text/xml > >> >>> 1278609157.482 1054 172.16.4.43 TCP_MISS/200 117679 POST > >> >>> http://selectserver.bentley.com/bss/ws/GatewayWS.asmx - > >> >>> DIRECT/64.90.235.78 text/xml > >> >>> > >> >>> Running 3.1.4 (fails) - > >> >>> 1278607986.223 1138 172.16.4.43 TCP_MISS/500 838 POST > >> >>> http://selectserver.bentley.com/bss/ws/Misc.asmx - > >> >> DIRECT/64.90.235.78 > >> >>> application/soap+xml > >> >>> 1278607987.128 895 172.16.4.43 TCP_MISS/200 1178 POST > >> >>> http://selectserver.bentley.com/bss/ws/Misc.asmx - > >> >> DIRECT/64.90.235.78 > >> >>> text/xml > >> >>> > >> >>> I verified the situation by going back to 3.1.0.17 with the same > >> >> config, > >> >>> whereupon it started working again. I tried adding cache deny > for > >> >> this > >> >>> domain but it didn't change anything. > >> >>> > >> >>> Any thoughts would be most appreciated. > >> >>> Thanks, > >> >>> Alan Lehman > >> >> Don't know the problem. > >> >> You are going to have to dig into the request/reply's a bit > further > >> to > >> >> see what the problems is. > >> >> The biggest difference between 3.1.0.17 and 3.1.4 is that > HTTP/1.1 > >> is > >> >> sent to the server by 3.1.4. It may be doing some broken magic, > as > >> >> evidenced by the different response type given to Squid now. > >> >> > >> >> Amos > >> >> -- > >> >> Please be using > >> >> Current Stable Squid 2.7.STABLE9 or 3.1.5 > >> > > >> > > >> > So far I'm unable to determine a consistent pattern with > Wireshark. > >> Is there a way I can force 3.1.4 to use HTTP/1.0? > >> > > >> > Alan > >> > >> You can reverse the 1.1 enabling patch found here: > >> http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1- > >> 9916.patch > >> > >> Amos > >> -- > >> Please be using > >> Current Stable Squid 2.7.STABLE9 or 3.1.5 > > > > > > Using Wireshark, I recorded the following conversation between the > license > > server and Squid-3.1.6. The capture with the patched version of squid > is > > very similar. It appears to me that the license server is not > responding > > correctly to Squid's 417, right? But why is Squid 3.1.6 (unpatched) > > issuing the 417? > > Um, this is a little strange. The *server* is making these requests > through Squid? > The client-server model indicates the machine you are calling a server > here is in fact a client. > > So, the workaround is to turn on the ignore_expect100 directive in > Squid. > Which suppresses the 417 response going to clients. > > > > > POST http://selectserver.bentley.com/bss/ws/GatewayWS.asmx HTTP/1.1 > > User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client > > Protocol 2.0.50727.3603) > > Content-Type: text/xml; charset=utf-8 > > SOAPAction: > "http://bentley.com/selectserver/webservices/GetGatewayLicense"; > > Host: selectserver.bentley.com > > Content-Length: 564 > > Expect: 100-continue > > Proxy-Connection: Keep-Alive > > > > HTTP/1.0 417 Expectation Failed > > Server: squid/3.1.6 > > Mime-Version: 1.0 > > Date: Tue, 10 Aug 2010 13:40:31 GMT > > Content-Type: text/html > > Content-Length: 3944 > > X-Squid-Error: ERR_INVALID_REQ 0 > > Vary: Accept-Language > > Content-Language: en > > X-Cache: MISS from proxy2.gbateam.com > > Via: 1.0 proxy2.gbateam.com (squid/3.1.6) > > Proxy-Connection: close > > > > <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" > > "http://www.w3.org/TR/html4/strict.dtd";> > > <html><head>.... > > </body></html> > > So far so good. > > > > > <?xml version="1.0" encoding="utf-8"?><soap:Envelope > > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"; > > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > > > xmlns:xsd="http://www.w3.org/2001/XMLSchema";><soap:Body><GetGatewayLice > nse > > > xmlns="http://bentley.com/selectserver/webservices/";><GatewayKey>062D04 > 32571D1748859E50B1CD98B9DE</GatewayKey><GatewaySiteKeys><string>062D043 > 2571D1748859E50B1CD98B9DE</string></GatewaySiteKeys><ComputerName>SUP1< > /ComputerName><SSHostName>selectserver.bentley.com</SSHostName></GetGat > ewayLicense></soap:Body></soap:Envelope> > > > > Um, Where is that garbage coming from? The POST? > > Assuming so, that would make the client broken and maybe a bug in Squid > lettign that brokenness through. > > This type of behaviour is what the ignore_expect100 can help with. > Making > Squid suppress the 417 to the client and drop any 100 is receives from > the > server. Passing the request on as if it was a regular POST with body > directly after . > > > > POST http://selectserver.bentley.com/bss/ws/usagelogging.asmx > HTTP/1.0 > > User-Agent: BSIlm/0.9.0.0 > > Host: selectserver.bentley.com > > Content-Length: 0 > > Proxy-Connection: Keep-Alive > > Pragma: no-cache > > > > HTTP/1.0 500 Internal Server Error > > Date: Tue, 10 Aug 2010 13:40:33 GMT > > Server: Microsoft-IIS/6.0 > > X-Powered-By: ASP.NET > > X-AspNet-Version: 2.0.50727 > > Cache-Control: private > > Content-Type: application/soap+xml; charset=utf-8 > > Content-Length: 481 > > X-Cache: MISS from proxy2.gbateam.com > > Via: 1.0 proxy2.gbateam.com (squid/3.1.6) > > Proxy-Connection: keep-alive > > Weird. > <snip server reply body> > > > > > POST http://selectserver.bentley.com/bss/ws/usagelogging.asmx > HTTP/1.0 > > User-Agent: BSIlm/0.9.0.0 > > Host: selectserver.bentley.com > > Content-Type: text/xml; charset=UTF-8 > > Proxy-Connection: Keep-Alive > > Pragma: no-cache > > Content-Length: 8153 > > SOAPAction: > > "http://bentley.com/selectserver/webservices/ReportUsageEntries"; > > > > <soap:Envelope.... ></soap:Envelope> > > > > HTTP/1.0 200 OK > > Date: Tue, 10 Aug 2010 13:40:43 GMT > > Server: Microsoft-IIS/6.0 > > X-Powered-By: ASP.NET > > X-AspNet-Version: 2.0.50727 > > Cache-Control: private, max-age=0 > > Content-Type: text/xml; charset=utf-8 > > Content-Length: 715 > > X-Cache: MISS from proxy2.gbateam.com > > Via: 1.0 proxy2.gbateam.com (squid/3.1.6) > > Proxy-Connection: keep-alive > > > > <?xml version="1.0" encoding="utf-8"?><soap:Envelope > > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"; > > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > > > xmlns:xsd="http://www.w3.org/2001/XMLSchema";><soap:Body><ReportUsageEnt > riesResponse > > > xmlns="http://bentley.com/selectserver/webservices/";><ReportUsageEntrie > sResult><Status>0</Status><LicenseAvaliable>1</LicenseAvaliable><Produc > tName>MicroStation</ProductName><Ack>MHd0oUWqXDp3tB89iGrAbXpR63A=</Ack> > <CompanyName>George > > Butler & > > > Associates</CompanyName><SiteID>4012052</SiteID><SelectServerSerialNumb > er>70000661800020</SelectServerSerialNumber><LicType>1</LicType></Repor > tUsageEntriesResult></ReportUsageEntriesResponse></soap:Body></soap:Env > elope> > > > > Client then tries again without the Expect:. This is good behaviour > finally and it seems to work. > > > POST http://selectserver.bentley.com/bss/ws/usagelogging.asmx > HTTP/1.0 > > User-Agent: BSIlm/0.9.0.0 > > Host: selectserver.bentley.com > > Content-Length: 0 > > Proxy-Connection: Keep-Alive > > Pragma: no-cache > > > > HTTP/1.0 500 Internal Server Error > > Date: Tue, 10 Aug 2010 13:40:44 GMT > > Server: Microsoft-IIS/6.0 > > X-Powered-By: ASP.NET > > X-AspNet-Version: 2.0.50727 > > Cache-Control: private > > Content-Type: application/soap+xml; charset=utf-8 > > Content-Length: 481 > > X-Cache: MISS from proxy2.gbateam.com > > Via: 1.0 proxy2.gbateam.com (squid/3.1.6) > > Proxy-Connection: keep-alive > > > > Back to the weirdness with no apparent reason. > > > Amos Thanks for the help with this. Yes, the "license server" is the client. Sorry for that confusion. I added "ignore_expect_100 on". Now the license server client seems to be working and the conversation goes like this: POST http://selectserver.bentley.com/bss/ws/GatewayWS.asmx HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 2.0.50727.3603) Content-Type: text/xml; charset=utf-8 SOAPAction: "http://bentley.com/selectserver/webservices/GetGatewayLicense"; Host: selectserver.bentley.com Content-Length: 564 Expect: 100-continue Proxy-Connection: Keep-Alive <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema";><soap:Body><GetGatewayLicense xmlns="http://bentley.com/selectserver/webservices/";><GatewayKey>062D0432571D1748859E50B1CD98B9DE</GatewayKey><GatewaySiteKeys><string>062D0432571D1748859E50B1CD98B9DE</string></GatewaySiteKeys><ComputerName>SUP1</ComputerName><SSHostName>selectserver.bentley.com</SSHostName></GetGatewayLicense></soap:Body></soap:Envelope> HTTP/1.0 200 OK Date: Thu, 12 Aug 2010 13:40:42 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: private, max-age=0 Content-Type: text/xml; charset=utf-8 Content-Length: 118153 X-Cache: MISS from proxy2.gbateam.com Via: 1.0 proxy2.gbateam.com (squid/3.1.6) Proxy-Connection: keep-alive <?xml version="1.0" encoding="utf-8"?><soap:Envelope [snip] So the "license server" is not understanding the 417? Do you see any problem with leaving ignore_expect_100 on ? CONFIDENTIALITY NOTICE: This e-mail message including attachments, if any, is intended for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Thank you
