[squid-users] peek & splice only to log ssl info
Matus UHLAR - fantomas
uhlar at fantomas.sk
Fri Feb 25 19:36:11 UTC 2022
Hello,
I'll upgrade some debian servers to debian 10 where squid-ssl package (4.13)
is available and I'm searching for way to enhance current logging of CONNECT
requests to include SSL data - SNI servername and possibly basic certificate
info.
I only intend to splice connections but after repeated reading
https://wiki.squid-cache.org/Features/SslPeekAndSplice I still don't
understand parts of the logic.
- is the combination described at:
https://wiki.squid-cache.org/Features/SslPeekAndSplice#Basic_Splicing_and_Bumping
enough for logging SNI and cert info?
- are peek and they completely equal at step 1?
- what's the difference between peek and splice that makes it impossible
(most of the time) to splice (stare) or bump (peek) the connection?
I guess I don't really need to know this one but I'm curious.
thanks for comments.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Your mouse has moved. Windows NT will now restart for changes to take
to take effect. [OK]
More information about the squid-users
mailing list