[squid-dev] [PATCH] SNI information is not set on transparent bumping mode
Tsantilas Christos
chtsanti at users.sourceforge.net
Sun Feb 8 17:07:18 UTC 2015
SNI information is not set on transparent bumping mode
Forward SNI (obtained from an intercepted client connection) to servers
when SslBump peeks or stares at the server certificate.
SslBump was not forwarding SNI to servers when Squid obtained SNI from
an intercepted client while peeking (or staring) at client Hello.
This patch also fixes squid to consider hostname included in SNI
information more reliable than the hostname provided in CONNECT request
for certificates CN verify
This is a Measurement Factory project
-------------- next part --------------
A non-text attachment was scrubbed...
Name: No-SNI-when-bumping-after-peeking-t3.patch
Type: text/x-patch
Size: 6931 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-dev/attachments/20150208/79c3801e/attachment.bin>
More information about the squid-dev
mailing list