On 10/28/2016 03:58 PM, Eliezer Croitoru wrote:
> OK then I will wait for 4.0.16 to see how it will work there.
> In 3.5.22 I see that there is still an issue.
Yes, but we did provide a v3.5 fix as well, and I encourage you to test
it:
OK then I will wait for 4.0.16 to see how it will work there.
In 3.5.22 I see that there is still an issue.
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: Alex Rousskov
On 2016-10-28 18:39, Yuri Voinov wrote:
It seems bug.
On 2016-10-28 19:53, Alex Rousskov wrote:
Is it a bug, documentation error or I simply missed something?
It is a bug IMO. The documented intent sounds worth supporting to me.
Thanks. I've opened the report [1].
[1]
On 10/28/2016 08:30 AM, Eliezer Croitoru wrote:
> In 4.0.14 there was a regression in ssl bump.
If you are thinking about the server_name bug fixed by trunk r14898,
then it was not a v4.0.14 regression but an original bug. Any
server_name testing without that fix is nearly useless (unfortunately)
On 10/28/2016 06:56 AM, Garri Djavadyan wrote:
> The last sentence for generate-host-certificates[=] option
> paragraph states:
>
> This option is enabled by default when ssl-bump is used.
I see no [trunk] code to match that statement.
> Is it a bug, documentation error or I simply
In 4.0.14 there was a regression in ssl bump.
I have tested with the next snippet:
acl DiscoverSNIHost at_step SslBump1
acl NoSSLIntercept ssl::server_name_regex -i "/etc/squid/url.nobump"
ssl_bump splice NoSSLIntercept
ssl_bump peek DiscoverSNIHost
ssl_bump bump all
##url.nobump
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
It seems bug.
Just always specify option explicity.
28.10.2016 18:56, Garri Djavadyan пишет:
> Hello list,
>
> The last sentence for generate-host-certificates[=] option
> paragraph states:
>
> This option is enabled by default when
Hello list,
The last sentence for generate-host-certificates[=] option
paragraph states:
This option is enabled by default when ssl-bump is used. See the
ssl-bump option above for more information.
But a client can't negotiate secure connection and times out when the
option is not
The PGP key I use to sign Squid binaries and associated files is being
refreshed.
Squid-4.0.16 and later releases will be signed with the key;
Email: Amos Jeffries (Squid Signing Key)
Fingerprint: B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E
This new Squid-4 key
Hi list,
Can I block facebook videos globally?
I wrote below acls
acl deny_rep_mime_flashvideo rep_mime_type video/x-flv
http_reply_access deny deny_rep_mime_flashvideo
acl facebook_videos dstdomain fbcdn-video-*.akamaihd.net video-*.fbcdn.net
fbcdn-creative-*.akamaihd.net
http_access deny
10 matches
Mail list logo