Andy Bradford wrote: > were you presented with a certificate to accept
No. > is it transparent or does Fossil know it's using a proxy? It's transparent. Firefox works fine through it (both HTTP and HTTPS), and ssh works fine through it. Except that it's slow and tends to drop packets and randomly reset connections, so I frequently have to retry. > I do notice that Fossil doesn't verify that it got the mount of data > that is expected to be delivered in the Content-length header: > ... > It could verify iLength against what the previous read of the > Content-length header returned here: > ... > But this won't really help unless we think there is some kind of > tampering going on with the response (e.g. the proxy is truncating after > X number of bytes/lines, but how could it since this is HTTPS). HTTPS can't prevent a proxy from dropping packets, including all packets after a certain number of bytes for the connection. It also doesn't prevent bogus reset packets, though a properly-designed secure transport protocol (i.e. not SSL) could prevent them. Did you get the partially-cloned repository files that I posted? _______________________________________________ fossil-users mailing list [email protected] http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
