[squid-users] Squid 4.0.15 sni exceptions works for whatsapp
Eliezer Croitoru
eliezer at ngtech.co.il
Fri Oct 28 14:30:35 UTC 2016
In 4.0.14 there was a regression in ssl bump.
I have tested with the next snippet:
acl DiscoverSNIHost at_step SslBump1
acl NoSSLIntercept ssl::server_name_regex -i "/etc/squid/url.nobump"
ssl_bump splice NoSSLIntercept
ssl_bump peek DiscoverSNIHost
ssl_bump bump all
##url.nobump
w[0-9]+\.web\.whatsapp\.com$
\.web\.whatsapp\.com$
web\.whatsapp\.com$
w3.web.whatsapp.com$
And it seems that in a regular forward proxy mode squid respects the
ssl::server_name_regex and http://web.whatsapp.com/ seems to works as
expected.
Anyone else can help me to verify it?
I have not tested in intercept mode yet but I ASSUME that since the issue
was present in both intercept and forward mode now it should be resolved to
both.
Eliezer
----
Eliezer Croitoru <http://ngtech.co.il/lmgtfy/>
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 63241 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161028/3ef4fbfa/attachment-0001.bin>
More information about the squid-users
mailing list