[squid-dev] [PATCH] sslproxy_options in peek-and-splice mode
Tsantilas Christos
chtsanti at users.sourceforge.net
Sun Feb 8 17:43:57 UTC 2015
Bug description:
- Squid sslproxy_options deny the use of TLSv1_2 SSL protocol:
sslproxy_options NO_TLSv1_2
- Squid uses peek mode for bumped connections.
- Web client sends an TLSv1_2 hello message and squid in peek mode,
forwards the client hello message to server
- Web server respond with an TLSv1_2 hello message
- Squid while parsing server hello message aborts with an error
because sslproxy_options deny the use ot TLSv1_2 protocol.
This patch fixes squid to ignore sslproxy_options in peek or stare
bumping mode.
This is a Measurement Factory project
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix-sslproxy_options-t2.patch
Type: text/x-patch
Size: 6549 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-dev/attachments/20150208/4aed94d9/attachment.bin>
More information about the squid-dev
mailing list