[squid-users] can't get bump to work anymore on 3.5.7?
Jason Haar
Jason_Haar at trimble.com
Sat Aug 22 23:54:29 UTC 2015
On 22/08/15 13:38, HackXBack wrote:
> can you share your perl file
> /usr/local/bin/confirm_https.pl
> Thanks ..
>
It's not really useful... I hacked it together in order to be able to
differentiate a lot of the ways that I discovered bumping could fail
(client certs, lack of SNI, non-SSL). It's awful: bunches of calls to
openssl and curl - all sorts of kruft.
Very useful for me to learn about how all this works - but not designed
for production. Probably full of security risks too (eg I don't bother
sanitizing the hostnames - which are dropped into shell calls - not a
good look)
--
Cheers
Jason Haar
Corporate Information Security Manager, Trimble Navigation Ltd.
Phone: +1 408 481 8171
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
More information about the squid-users
mailing list