[squid-users] cant bump ssl
Alex Rousskov
rousskov at measurement-factory.com
Tue Dec 15 22:16:25 UTC 2015
On 12/15/2015 02:57 PM, Amos Jeffries wrote:
> On 16/12/2015 9:17 a.m., Alex Rousskov wrote:
>> On 12/15/2015 12:46 PM, HackXBack wrote:
>>> why i cant bump ssl conection with android
>>> my squid conf is
>>
>>> ssl_bump bump ssl_step2 SNIGroup5
>>> ssl_bump splice all
>>
>>
>> In modern Squids, your configuration above is equivalent to:
>>
>> ssl_bump splice all
>>
>> because, during the very first SslBump processing step (step1), your
>> bump rule never matches while your splice rule always does. Once the
>> final rule (bump, splice, or terminate) matches, Squid performs the
>> matched action and stops further SslBump rules processing.
>
> Um, I dont think so. There is a "peek step1" hiding a few lines above that.
Sorry I missed that hiding place.
Alex.
More information about the squid-users
mailing list