[squid-dev] [PATCH] Ignore impossible SSL bumping actions, as intended and documented / bug 4237 fix

Alex Rousskov rousskov at measurement-factory.com
Tue Aug 11 17:28:19 UTC 2015


On 08/11/2015 10:40 AM, Amos Jeffries wrote:
> On 11/08/2015 11:24 p.m., Tsantilas Christos wrote:
>> On 08/11/2015 07:30 AM, Amos Jeffries wrote:
>>> What about the other documented actions:
>>>   * "reconnect" at step 1 & 2

>> The reconnect is not yet implemented.

> Gah. So for the last year-ish it has been published in wiki
> SslPeekAndSplice page as an available config option. But is actually
> nothing more than an unused enum value ?

Not quite. The wiki says: "There are several actions that Squid can do
while handling an SSL connection. See your Squid documentation for a
list of actions it actually supports." Our squid.conf.documented does
not mention "reconnect", of course.

IIRC, when the wiki page was created, none of the newer actions were
officially supported! Listing the ones we knew about helped admins to
prioritize (focus their requests on the most important ones while
thinking about future improvement plans).


And "terminate" is not an [unused] BumpMode enum value (I only checked
trunk though).


> Great. Please fix *that*.

This is not a bug, just a not-yet-implemented [and complex!] feature.
However, we should polish the wiki page to be more clear about each
action status. I propose the following wiki changes:

1. Gray-out actions that are not-yet supported by trunk.

2. Adding "This action is not supported yet" text to "reconnect". We
have that text for the "err" action already.

3. Changing "your Squid documentation" to "your squid.conf.documented".

4. Changing "that Squid can do" to "that may be useful".


Any better ideas?


Thank you,

Alex.



More information about the squid-dev mailing list