[squid-users] squid 3.4, Zero-Sized Replies from Windows Server

Amos Jeffries squid3 at treenet.co.nz
Thu Dec 3 12:04:46 UTC 2015

On 4/12/2015 12:34 a.m., Massimo.Sala wrote:
> We have a server with squid 3.4.8 as forward proxy ( clients have the 
> proxy configured in the browsers ).
> Sometimes we have  Zero-Sized Replies from Windows Servers as discussed 
> here :
>         https://squidproxy.wordpress.com/category/squid-3/
> The proxy server is in the internal LAN. We want to adopt this work-around 
> :
>         disable BEAST mitigation by ssloptions=ALL in squid.conf 
> (insecure)
> Does it work  in forwarding mode ?
>         http_port 3128 ssloptions=ALL

No. SSL options are not relevant to plain-text HTTP traffic.

>From the hints you have given about your configuration so far I believe
the HTTPS traffic is being tunnelled blindly through your proxy. All
TLS/SSL details are being negotiated between the client UA and the
server they are tunneled to.
Under such conditions there is *nothing* you can do to influence or
affect TLS/SSL behaviour short of blocking it outright on a per-server


More information about the squid-users mailing list