[squid-dev] Hello and ssl_bump and External ACLs - 4.0.2

Thu Jan 28 15:23:03 UTC 2016

Hi,

I appreciate it’s been a while but I’m still keen to get to the bottom of this problem.

I am currently working with nightly squid-4.0.4-20160124-r14504 applying a modified patch from earlier in this thread (I had to modify as some of the objects have moved around and are accessed differently). This results in the same problem, however, I was able to get it all working for normal proxy ports (HTTP where clients do CONNECT) by adding this line - 

acl_checklist->al = pipeline.front()->http->al;

Into ConnStateData::startPeekAndSpliceDone() from client_side.cc - the external ACL is then correctly evaluated with all the correct fields supplied and the splice/bump decision is made correctly.

It doesn’t work for transparent interception however (https_port and IPTables redirect) but it’s the ACL checking in this function that goes wrong.

I’m happy to try any suggestions and/or provide debug info etc.

Thanks in advance.