[squid-users] squid 3.5.3 can't get peek and splice to not bump certain sites
Amos Jeffries
squid3 at treenet.co.nz
Mon Apr 13 03:21:22 UTC 2015
On 13/04/2015 2:37 p.m., Nathan Hoad wrote:
> Hi Stan,
>
> So one of the things that peek and splice added was support for the
> Server Name Indication SSL extension, which let's Squid make bumping
> decisions more accurately based on the hostname, rather than the IP
> address. Prior to this, bumping on only the IP address caused issues
> for virtual hosting and such.
>
FYI; Christos has now also created a ssl::server_name ACL which tests
the SNI values (amongst other things) for this use case. I'm just in the
process of back porting it now, so future 3.5 snapshots and releases
should have it available.
Amos
More information about the squid-users
mailing list