On 27/01/2017 5:54 a.m., Christos Tsantilas wrote:
> The patch applied to squid-5 as r15020 with the fixes suggested by Alex.
>
> I am attaching the equivalent patch for squid-3.5.
>
Applied to 3.5 as rev.14139
Amos
___
squid-dev mailing list
The patch applied to squid-5 as r15020 with the fixes suggested by Alex.
I am attaching the equivalent patch for squid-3.5.
On 25/01/2017 11:42 μμ, Alex Rousskov wrote:
On 01/25/2017 12:12 PM, Christos Tsantilas wrote:
On 25/01/2017 08:24 μμ, Alex Rousskov wrote:
* A client-sent ClientHello
On 01/25/2017 12:12 PM, Christos Tsantilas wrote:
>> On 25/01/2017 08:24 μμ, Alex Rousskov wrote:
>> * A client-sent ClientHello is required for peeking. The calling code
>> must ensure that we never get here without it. Throw if our calling code
>> is buggy.
> This is the correct.
Great. I have
On 25/01/2017 08:24 μμ, Alex Rousskov wrote:
On 01/16/2017 04:38 AM, Christos Tsantilas wrote:
On 13/01/2017 07:04 μμ, Alex Rousskov wrote:
The dependency here is that clientHelloMessage comes from our parser. We
can substitute OpenSSL-generated ClientHello with client-sent
ClientHello
On 01/16/2017 04:38 AM, Christos Tsantilas wrote:
> On 13/01/2017 07:04 μμ, Alex Rousskov wrote:
>> The dependency here is that clientHelloMessage comes from our parser. We
>> can substitute OpenSSL-generated ClientHello with client-sent
>> ClientHello because/if we successfully parsed and stored
I am attaching a new patch based on Alex comments.
I also changed the patch preamble a little to much better what squid does.
Please see my comments bellow.
On 13/01/2017 07:04 μμ, Alex Rousskov wrote:
On 01/12/2017 02:28 PM, Christos Tsantilas wrote:
On 12/01/2017 06:48 μμ, Alex Rousskov
On 01/12/2017 02:28 PM, Christos Tsantilas wrote:
> On 12/01/2017 06:48 μμ, Alex Rousskov wrote:
>> On 01/12/2017 08:35 AM, Christos Tsantilas wrote:
>>> The patch fixes Squid to peeks (or stares) at the origin server as
>>> configured, even if it does not recognize the client TLS record/message.
On 12/01/2017 06:48 μμ, Alex Rousskov wrote:
On 01/12/2017 08:35 AM, Christos Tsantilas wrote:
The patch fixes Squid to peeks (or stares) at the origin server as
configured, even if it does not recognize the client TLS
record/message.
s/to peeks (or stares)/to peek (or stare)/
I agree that
On 01/12/2017 08:35 AM, Christos Tsantilas wrote:
> The patch fixes Squid to peeks (or stares) at the origin server as
> configured, even if it does not recognize the client TLS
> record/message.
s/to peeks (or stares)/to peek (or stare)/
I agree that this is the right thing to do, but I have
If Squid receives a valid TLS Hello encapsulated into ancient SSLv2
records (observed on Solaris 10) the old code ignored the step2 peek
decision and bumped the transaction instead.
The patch fixes Squid to peeks (or stares) at the origin server as
configured, even if it does not recognize
10 matches
Mail list logo