[squid-users] host header forgery false positives
Amos Jeffries
squid3 at treenet.co.nz
Mon Feb 15 13:48:47 UTC 2016
On 15/02/2016 4:20 p.m., Dan Charlesworth wrote:
> Did a bug end getting filed for this?
>
> I can probably provide some ALL,9 logs but I don’t understand the problem well enough to write up a decent report I don’t think.
>
Thanks for the reminder. I dont recall seeing a bug report being made.
Though Jason has sent me a more detailed cache.log trace to work with.
This issues is a little tangled up with two others in the same area.
Firstly SSL-Bump code is a bit mixed up about whether its following
accel or intercept, or bump logic pathways. We have to get that
straightened out, which should resolve this.
There is also the host verify traffic that should HIT being treated as
MISS wrongly. A bug repot and patch exist for that, which might help
reduce the affects of this issue a bit until bump and intercept logics
are separated.
Amos
More information about the squid-users
mailing list