Re: [squid-users] Squid 4.0.15 sni exceptions works for whatsapp

2016-10-28 Thread Alex Rousskov
On 10/28/2016 03:58 PM, Eliezer Croitoru wrote:
> OK then I will wait for 4.0.16 to see how it will work there.
> In 3.5.22 I see that there is still an issue.
Yes, but we did provide a v3.5 fix as well, and I encourage you to test it: http://lists.squid-cache.org/pipermail/squid-dev/2016-October/

Re: [squid-users] Squid 4.0.15 sni exceptions works for whatsapp

2016-10-28 Thread Eliezer Croitoru
OK then I will wait for 4.0.16 to see how it will work there. In 3.5.22 I see that there is still an issue.
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: Alex Rousskov [mailto:rouss...@measurement-fa

Re: [squid-users] Default state for the option generate-host-certificates

2016-10-28 Thread Garri Djavadyan
On 2016-10-28 18:39, Yuri Voinov wrote: It seems bug. On 2016-10-28 19:53, Alex Rousskov wrote: Is it a bug, documentation error or I simply missed something? It is a bug IMO. The documented intent sounds worth supporting to me. Thanks. I've opened the report [1]. [1] http://bugs.squid-

Re: [squid-users] Squid 4.0.15 sni exceptions works for whatsapp

2016-10-28 Thread Alex Rousskov
On 10/28/2016 08:30 AM, Eliezer Croitoru wrote:
> In 4.0.14 there was a regression in ssl bump.
If you are thinking about the server_name bug fixed by trunk r14898, then it was not a v4.0.14 regression but an original bug. Any server_name testing without that fix is nearly useless (unfortunately)

Re: [squid-users] Default state for the option generate-host-certificates

2016-10-28 Thread Alex Rousskov
On 10/28/2016 06:56 AM, Garri Djavadyan wrote:
> The last sentence for generate-host-certificates[=] option
> paragraph states:
>
> This option is enabled by default when ssl-bump is used.
I see no [trunk] code to match that statement.
> Is it a bug, documentation error or I simply missed so

[squid-users] Squid 4.0.15 sni exceptions works for whatsapp

2016-10-28 Thread Eliezer Croitoru
In 4.0.14 there was a regression in ssl bump. I have tested with the next snippet:
acl DiscoverSNIHost at_step SslBump1
acl NoSSLIntercept ssl::server_name_regex -i "/etc/squid/url.nobump"
ssl_bump splice NoSSLIntercept
ssl_bump peek DiscoverSNIHost
ssl_bump bump all
##url.nobump
w[0-9]+\.web\.w

Re: [squid-users] Default state for the option generate-host-certificates

2016-10-28 Thread Yuri Voinov
It seems bug. Just always specify option explicitly.
28.10.2016 18:56, Garri Djavadyan wrote:
> Hello list,
>
> The last sentence for generate-host-certificates[=] option
> paragraph states:
>
> This option is enabled by default when ssl-bump i

[squid-users] Default state for the option generate-host-certificates

2016-10-28 Thread Garri Djavadyan
Hello list,
The last sentence for generate-host-certificates[=] option paragraph states:
  This option is enabled by default when ssl-bump is used. See the
  ssl-bump option above for more information.
But a client can't negotiate secure connection and times out when the option is not specified

[squid-users] [squid-announce] Squid Signing key rollover

2016-10-28 Thread Amos Jeffries
The PGP key I use to sign Squid binaries and associated files is being refreshed. Squid-4.0.16 and later releases will be signed with the key;
Email: Amos Jeffries (Squid Signing Key)
Fingerprint: B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E
This new Squid-4 key has been signed by the

Re: [squid-users] Can I block facebook videos globally?

2016-10-28 Thread Amos Jeffries
On 28/10/2016 7:35 p.m., Indunil Jayasooriya wrote:
> Hi list,
>
>
> Can I block facebook videos globally?
>
"globally" is relative. If you can define an ACL or set of ACL tests that match the transactions, you can block them.
> I wrote below acls
>
> acl deny_rep_mime_flashvideo rep_mime_typ