[squid-users] SSL handshake
Alex Rousskov
rousskov at measurement-factory.com
Tue Aug 10 17:44:19 UTC 2021
On 8/8/21 1:48 AM, senor wrote:
> Can you point to a patch under test or other changes that we can use
> to alleviate this pain?
I will probably regret sharing this unfinished work, but our current
changes can be found at [1]. A Factory customer has reported successful
deployment, but the changes still need a lot of work; the results are
not ready for review of any kind. Also, we do not have enough free
cycles to port those in-progress changes to your current Squid version,
whatever it is.
[1] https://github.com/measurement-factory/squid/commit/16a3534
As always, we will post the fix for the official review ASAP. My current
ballpark ETA for that is ~6 weeks.
HTH,
Alex.
> From: squid-users <squid-users-bounces at lists.squid-cache.org> on behalf of Alex Rousskov <rousskov at measurement-factory.com>
> Sent: Tuesday, August 3, 2021 1:04 PM
> To: squid-users at lists.squid-cache.org
> Subject: Re: [squid-users] SSL handshake
>
> FWIW, Factory can reproduce this (popular origin server) problem with
> and without Squid. We are adding a Squid enhancement that will work
> around the problem (and improve TLS support in general).
>
> Alex.
>
>> curl: (35) error:1423506E:SSL routines:ssl_next_proto_validate:bad extension
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
More information about the squid-users
mailing list