On 2/02/2016 2:32 a.m., Dave Lewthwaite wrote: > Hi Christos, > > Sorry my apologies - I had my build env a bit mixed up. Anyway I’ve cleared > that down and re-applied the patch - it’s all working now which is excellent > news (http_port / CONNECT and https_port / transparent/intercept). >
Hurrah! :-) > For clarity - > > Reviewion: squid-4.0.4-20160111-r14487 > Patch applied cleanly with > patch -p0 < ../cert_subject_gone-t4.patch > > > It wouldn’t apply cleanly to the latest nightly. > > May be related - the %>ru field in the ACL is now logged as host:port for > http_port/CONNECT and ip:port for https_port/transparent - is the ‘:port’ > expected? If so then I will modify our external ACL to strip it off before > performing comparison. > It should show what was received from the client. CONNECT request is expected to have IP:port or host:port depending on what info is available. Due to SNI intercepted port 443 traffic may be either IP:port or sni:port on the synthetic CONNET request. Other requests with URL scheme:// are expected to omit the :port if it is the registered default port for that scheme (ie https:// means no ":443", http:// no ":80", ftp:// no ":21", etc) but otherwise always include the :port. > When are you targeting 4.0 to be released? > The next beta (4.0.5) should be out in the next few days. 4.1 (stable) will be out as soon as we have a 10 day period with no major bugs existing and no new bugs being found. No certain timeline on when that will occur. Amos _______________________________________________ squid-dev mailing list [email protected] http://lists.squid-cache.org/listinfo/squid-dev
