[squid-users] ssl bump and url_rewrite_program (like squidguard)
Walter H.
Walter.H at mathemainzel.info
Thu Nov 12 16:01:10 UTC 2015
On 05.11.2015 04:26, Amos Jeffries wrote:
> There was a bug about the wrong SNI being sent to servers on bumped
> traffic that got re-written. That got fixed in Squid-3.5.7 and
> re-writers should have been fully working since then.
This seems to be a bug in 3.5.x only
with 3.4.10 this works fine ...
just tries the following url-rewrite-program (perl)
<url-rewrite-program.pl>
#!/usr/bin/perl -wl
$ |= 1; # don't buffer the output
while ( <> )
{
unless( m,(\S+) (\S+)/(\S+) (\S+) (\S+), )
{
$uri = ''; next;
}
$uri = $1;
...
$uri = "301:https://rsa-md5.ssl.hboeck.de/" if ( $uri =~
m/^https:\/\/ssl\.hboeck\.de\/(\S*)/ );
}
continue
{
print "$uri";
}
exit;
</url-rewrite-program.pl>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4312 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151112/d1086437/attachment.bin>
More information about the squid-users
mailing list