<div dir="ltr">Or use socat. I have used it to allow ancient SSLv3-only clients to communicate with TLS-only servers. <div><br></div><div>Jason</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Mar 10, 2016 at 12:28 AM, Amos Jeffries <span dir="ltr"><<a href="mailto:squid3@treenet.co.nz" target="_blank">squid3@treenet.co.nz</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On 9/03/2016 6:53 p.m., Howard Kranther wrote:<br>
> Hello, I am investigating the use of squid as a client side proxy to<br>
> provide TLS 1.2 support for a VOIP application using SIP over TCP.The<br>
> application would use TCP or TLS 1.0 to communicate with squid, which<br>
> would bump either of those to TLS 1.2 to communicate with a phone<br>
</span>> system.The application uses a commercial SIP stack so adding an HTTP<br>
<span class="">> CONNECT message to the start of a SIP session and processing the<br>
> response is problematic.<br>
<br>
</span>Squid is an HTTP proxy. CONNECT is the only way non-HTTP compatible<br>
protocols can be delivered over HTTP.<br>
<br>
You need to go looking for a SOCKS proxy.<br>
<br>
Amos<br>
<br>
_______________________________________________<br>
squid-users mailing list<br>
<a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
<a href="http://lists.squid-cache.org/listinfo/squid-users" rel="noreferrer" target="_blank">http://lists.squid-cache.org/listinfo/squid-users</a><br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div>Cheers</div><div><br></div><div>Jason Haar</div><div>Information Security Manager, Trimble Navigation Ltd.</div><div>Phone: +1 408 481 8171</div><div>PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1</div></div></div>
</div>