Hello List,
at the moment I need to use the request_header_add directive to supply
information to a cache_peer backend.
I intended to use:
request_header_add X-Authenticated-User %ul
but the %ul is expanded to a dash (-) and I wonder why and how I can
submit the authenticated to user to my
On 10/04/2014 20:07, Eliezer Croitoru wrote:
Hey Nick,
In a case you do know the tokens meaning and if it is working properly
you can try to use StoreID in 3.4.X
http://wiki.squid-cache.org/Features/StoreID
It is designed to allow you this specific issue you are sure it is.
About the
On 11/04/2014 7:26 p.m., Kein Name wrote:
Hello List,
at the moment I need to use the request_header_add directive to supply
information to a cache_peer backend.
I intended to use:
request_header_add X-Authenticated-User %ul
but the %ul is expanded to a dash (-) and I wonder why and how I
Amos Jeffries schrieb:
On 11/04/2014 7:26 p.m., Kein Name wrote:
Hello List,
at the moment I need to use the request_header_add directive to supply
information to a cache_peer backend.
I intended to use:
request_header_add X-Authenticated-User %ul
but the %ul is expanded to a dash (-)
Dear Ellezer
Thank you for this. it appears the way forward would be to check that
the URL matches a pattern, and if it does, compute the store_id from
the checksum embedded in the URL. The same pattern might be used
across a large range of windows update objects, thereby avoiding cache
misses
On 04/11/2014 08:37 AM, Nick Hill wrote:
rmed a SGA1 checksum on the downloaded file. The checksum was
6fda48f8c83be2a15f49b83b10fc3dc8c1d15774
The file was downloaded using wget, with the tokens. This matches the
part of the file name between the underscore and period.
The only thing we need
Hello,
Yesterday I upgraded OpenSSL version. (Although I was using OpenSSL 1.0.0 - not
affected by Heartbleed, but I upgraded none-the-less)
I am using sslbump (squid 3.4.4). Using Firefox 28.0 (latest 64bit tar.bz2)
After this upgrade i.e. from 1.0.0 to 1.0.1, Firefox started giving
Amos Jeffries schrieb:
Config:
cache_peer 10.1.2.3 parent 8000 0 no-query originserver login=PASS
This is a origin server peer. The header delivered to it is
WWW-Authenticate. Proxy-Authenticate is invalid on connections to origin
servers.
Is your proxy a reverse-proxy or a
On 11/04/2014 10:16 p.m., Amm wrote:
Hello,
Yesterday I upgraded OpenSSL version. (Although I was using OpenSSL 1.0.0 -
not affected by Heartbleed, but I upgraded none-the-less)
I am using sslbump (squid 3.4.4). Using Firefox 28.0 (latest 64bit tar.bz2)
After this upgrade i.e. from
On Friday, 11 April 2014 4:46 PM, Amos wrote:
On 11/04/2014 10:16 p.m., Amm wrote:
After this upgrade i.e. from 1.0.0 to 1.0.1, Firefox started giving
certificate error stating sec_error_inadequate_key_usage.
This does not happen for all domains but looks like happening ONLY
for google
I also use this patch and would like if it is possible to somehow go on without
it.
May it be due to the fact squid caches the generated SSL certificates in the
ssl_crtd store? So we need to clear the store when root CA certificate for SSL
bump is regenerated?
Raf
On Friday, 11 April 2014 5:19 PM
I also use this patch and would like if it is possible to somehow go on
without it.
May it be due to the fact squid caches the generated SSL certificates in the
ssl_crtd store?
So we need to clear the store when root CA certificate for SSL bump is
On 11/04/2014 11:55 p.m., Amm wrote:
On Friday, 11 April 2014 5:19 PM
I also use this patch and would like if it is possible to somehow go on
without it.
May it be due to the fact squid caches the generated SSL certificates in the
ssl_crtd store?
So we need to clear the store when
On Friday, 11 April 2014 6:29 PM, Amos wrote:
It seems to be something in firefox was buggy and they have a workaround
coming out in version 29.0, whether that will fix the warnign display or
just allow people to ignore/bypass it like other cert issues I'm not
certain.
Amos
Ok, but then
On 12/04/2014 1:19 a.m., Amm wrote:
On Friday, 11 April 2014 6:29 PM, Amos wrote:
It seems to be something in firefox was buggy and they have a workaround
coming out in version 29.0, whether that will fix the warnign display or
just allow people to ignore/bypass it like other cert issues
On 11/04/2014 10:18 p.m., Kein Name wrote:
Amos Jeffries schrieb:
Config:
cache_peer 10.1.2.3 parent 8000 0 no-query originserver login=PASS
This is a origin server peer. The header delivered to it is
WWW-Authenticate. Proxy-Authenticate is invalid on connections to origin
servers.
Hi Ellezer
I have re-compiled squid 4.3 along with the storeid_file_rewrite.
(Maybe largefile should be a default config directive!)
I added the following to squid.conf
store_id_program /usr/local/squid/libexec/storeid_file_rewrite
/etc/squid3/storeid_rewrite
store_id_children 40 startup=10
Hi Amos,
Below is the router script I have pasted into the firewall section of my
tomato router. It does not seem to forward packets to the proxy. Any ideas
what I am doing wrong. I am a newbie who is trying to learn.
Thanks for your help.
# IPv4 address of proxy
PROXYIP4= 192.168.1.16
#
Hello,
I recently upgraded OpenSSL from 1.0.0 to 1.0.1 (which supports TLS1.2)
I also recompiled squid against new OpenSSL.
Now there is this (BROKEN) bank site:
https://www.mahaconnect.in
This site closes connection if you try TLS1.2 or TLS1.1
When squid tries to connect, it says:
Failed
Hello,
I accidentally came across this. I was trying to test what TLS version
my squid reports.
So I ran this command:
openssl s_client -connect 192.168.1.2:8081
where 8081 is https_port on which squid runs. (with sslbump)
And BOOM, squid went in to infinite loop! And started running out of
20 matches
Mail list logo