[squid-dev] [PATCH] SSLv2 records force SslBump bumping despite a matching step2 peek rule.
Christos Tsantilas
christos at chtsanti.net
Thu Jan 12 15:35:04 UTC 2017
If Squid receives a valid TLS Hello encapsulated into ancient SSLv2
records (observed on Solaris 10) the old code ignored the step2 peek
decision and bumped the transaction instead.
The patch fixes Squid to peeks (or stares) at the origin server as
configured, even if it does not recognize the client TLS record/message.
This is a Measurement Factory project.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SQUID-241-SSL-v2-records-force-step2-bumping-t2.patch
Type: text/x-patch
Size: 8884 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-dev/attachments/20170112/b34d8d33/attachment.bin>
More information about the squid-dev
mailing list