[squid-dev] [PATCH] Bump SSL client on [more] errors encountered before ssl_bump evaluation

Christos Tsantilas christos at chtsanti.net
Tue Feb 7 10:12:41 UTC 2017


On 07/02/2017 11:43 πμ, Amos Jeffries wrote:
> On 7/02/2017 6:07 a.m., Christos Tsantilas wrote:
>> Applied to trunk as r15036.
>>
>> I am attaching the patch for squid-3.5
>>
>>
>> On 04/02/2017 04:07 μμ, Amos Jeffries wrote:
>>> On 4/02/2017 8:27 a.m., Christos Tsantilas wrote:
>>>> ... such as ERR_ACCESS_DENIED with HTTP/403 Forbidden triggered by an
>>>> http_access deny rule match.
>>>>
>>>> The old code allowed ssl_bump step1 rules to be evaluated in the
>>>> presence of an error. An ssl_bump splicing decision would then trigger
>>>> the useless "send the error to the client now" processing logic instead
>>>> of going down the "to serve an error, bump the client first" path.
>>>>
>
> Does this fix bug 4646?

Nope.
The bug-4646 is a little different because of a splice, which decided 
before the squid-to-server-connection error.


>
> Amos
>


More information about the squid-dev mailing list