[squid-users] SSL handshake
senor
frio_cervesa at hotmail.com
Sun Aug 8 05:48:45 UTC 2021
Wireshark flags the next protocol extension as malformed coming from (popular origin server).
Alex - Can you point to a patch under test or other changes that we can use to alleviate this pain?
The extension is included in the Server Hello due to it being included in the Client Hello. I was hoping there was a way to use tls_outgoing_options but I don't see any relevant options. I think I can comment it out in Handshake.cc but is there a run-time option?
Thanks
________________________________________
From: squid-users <squid-users-bounces at lists.squid-cache.org> on behalf of Alex Rousskov <rousskov at measurement-factory.com>
Sent: Tuesday, August 3, 2021 1:04 PM
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] SSL handshake
FWIW, Factory can reproduce this (popular origin server) problem with
and without Squid. We are adding a Squid enhancement that will work
around the problem (and improve TLS support in general).
Alex.
> curl: (35) error:1423506E:SSL routines:ssl_next_proto_validate:bad extension
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list