[squid-users] Host header forgery affects pure splice environment too?
Yuri Voinov
yvoinov at gmail.com
Sun Dec 27 23:00:01 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
So, you can't get this error.
Ergo, it may be client configuration problem.
Is there is transparent proxy?
28.12.15 4:57, Jason Haar пишет:
> On 28/12/15 11:50, Yuri Voinov wrote:
>> I think, to eliminate this error you need to splice all torify
connections.
> As I said - squid is configured to *only* splice - there is no bump-ing
> going on. So this is already the case
>
> acl DiscoverSNIHost at_step SslBump1
> ssl_bump peek DiscoverSNIHost
> acl SSL_https port 443
> ssl_bump splice SSL_https
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJWgG1xAAoJENNXIZxhPexGd8sH/jmGtAoiVEihSQNYXlXLU//I
ESTzuZ/HV5i5tEctnaJnibfG1eqV7ieEAQ+JHfjLyACEGqHbT1wnwVYO1gaerCUG
Z6IiLtIe2380Nk4+TlU8/rRS8cnAszWb/CnUdYiGMUrgNfhgrlTey6hgb5vuWNfA
gmMdvHNFXB3yXXbMKDYjJ+TEuVXBzVTCFOwxxPxBSckQyL7iI8cg09Ke2tTmmdkL
lwrVnC44I2z0cTkYQwtW8O+Bhi4N4umSv1ArrJGOXX1QTcKozhpfT5QVFMD+s6yG
J4t10stb7iL2SYKclPZNS1u4UPkNTEx6/euZfyMQvZ1Z7ZjLQTxmpfUc2R7zWpA=
=Nraq
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151228/5584c257/attachment.html>
More information about the squid-users
mailing list