On 10/28/2016 02:39 AM, Christos Tsantilas wrote: > I am attaching the squid-3.5 version of the patch.
Amos, will you commit this fix to the v3.5 branch? Thank you, Alex. > On 10/27/2016 12:46 AM, Amos Jeffries wrote: >> On 21/10/2016 5:18 a.m., Christos Tsantilas wrote: >>> >>> The original server_name code mishandled all SNI checks and some rare >>> host checks: >>> >>> * The SNI-derived value was pointing to an already freed memory storage. >>> * Missing host-derived values were not detected (host() is never nil). >>> * Mismatches were re-checked with an undocumented "none" value instead >>> of being treated as mismatches. >>> >>> Same for ssl::server_name_regex. >>> >>> Also set SNI for more server-first and client-first transactions. >>> >>> This is a Measurement Factory project. >>> >> >> +1. >> >> Amos _______________________________________________ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev