[squid-users] bypass pinned connection

Amos Jeffries squid3 at treenet.co.nz
Tue Jun 30 15:47:40 UTC 2015


On 1/07/2015 1:07 a.m., HackXBack wrote:
> most app's in mobiles used pinned connection.
> how we can automatically bypass any pinned connection come to squid and
> none_bump it ?
> is there a way to make that become automatically ?


I assume you mean Squid definition of pinning (and not the Chrome
terminology for TLS pinning, or the mobile phones terminology for radio
link pinning) after my last message.

A pinned connection in Squid terminology is a server connection which
MUST have a 1:1 relationship with some client connection. Closure or
un-pinning of either one terminates both connections.

They are used only when the client needs exclusive use of the server
connection (such as CONNECT tunnel or SSL-Bump decryption), or when some
abuse of protocol is being done which mandates the two TCP connections
not be re-used by other clients transactions (such a NTLM/Negotiate
"connection auth" or SSL-Bump decryption).

Amos



More information about the squid-users mailing list