[squid-users] Host header forgery affects pure splice environment too?
Yuri Voinov
yvoinov at gmail.com
Sun Dec 27 23:04:50 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
wpad.dat&proxy.pac?
28.12.15 4:57, Jason Haar пишет:
> On 28/12/15 11:50, Yuri Voinov wrote:
>> I think, to eliminate this error you need to splice all torify
connections.
> As I said - squid is configured to *only* splice - there is no bump-ing
> going on. So this is already the case
>
> acl DiscoverSNIHost at_step SslBump1
> ssl_bump peek DiscoverSNIHost
> acl SSL_https port 443
> ssl_bump splice SSL_https
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJWgG6SAAoJENNXIZxhPexG5goIAMEsk0p8KVhLHKhsJaJGU5ya
lhWAqEv+iA4byiXoPmGsz0FqBmw2IhQrpbyw+WXdhDuEcQkC7d4iMpGceX/PoeM7
H1FWvdLX4BtIybexi6fhj55m1xUhS7JgL0/KUCWsZBAECpc6r9ckgqoi1uysmEGF
L+2ZxLw1lyax7d7vaMDNNXHoBt+BoIUSkGZGtaU+Ry8sXtZa8elqsTDGqHtm2nPd
QjzDjFc26U2VISM7P7ecxSsZI9LO0XxPuVVS0JdbZG28p1ksTFc7TdclptlWh/sQ
Vl7R0GIaU29qJrJbOLLwIDjpI2yPMtMnq5S8AdrOJxNl5cXckog4ccCzGQ9hEdQ=
=Hv/7
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151228/e77c6fcf/attachment.html>
More information about the squid-users
mailing list