Re: [squid-users] LEGACY_SERVER_CONNECT, ALLOW_UNSAFE_LEGACY_RENEGOTIATION does not work - SSL bump, OpenSSL 3

2022-12-28 Thread Amish
Hi Alex, On 29/12/22 08:14, Alex Rousskov wrote: Hi Amish, Thank you for updating test results. I have a working theory: Staring SslBump disregards parsed tcp_outgoing_options since commit f233022. That commit message explains why tcp_outgoing_options should be ignored when peeking at th

Re: [squid-users] LEGACY_SERVER_CONNECT, ALLOW_UNSAFE_LEGACY_RENEGOTIATION does not work - SSL bump, OpenSSL 3

2022-12-28 Thread Alex Rousskov
Hi Amish, Thank you for updating test results. I have a working theory: Staring SslBump disregards parsed tcp_outgoing_options since commit f233022. That commit message explains why tcp_outgoing_options should be ignored when peeking at the server. The message does not explain why _starin

Re: [squid-users] LEGACY_SERVER_CONNECT, ALLOW_UNSAFE_LEGACY_RENEGOTIATION does not work - SSL bump, OpenSSL 3

2022-12-28 Thread Amish
Hi Alex, Thank you once again! See replies inline below. On 28/12/22 22:57, Alex Rousskov wrote: Hi Amish, TLS options are used on _both_ sides, in various cases, but there are still too many unknowns, and I cannot quickly answer all of your questions at once. Sorry. I can only guide yo

Re: [squid-users] LEGACY_SERVER_CONNECT, ALLOW_UNSAFE_LEGACY_RENEGOTIATION does not work - SSL bump, OpenSSL 3

2022-12-28 Thread Alex Rousskov
Hi Amish, TLS options are used on _both_ sides, in various cases, but there are still too many unknowns, and I cannot quickly answer all of your questions at once. Sorry. I can only guide you one step at a time. * If you are sure that SSL_CTX_set_options() is not called when talking to t

Re: [squid-users] LEGACY_SERVER_CONNECT, ALLOW_UNSAFE_LEGACY_RENEGOTIATION does not work - SSL bump, OpenSSL 3

2022-12-28 Thread Amish
Hi Alex, On 28/12/22 21:31, Alex Rousskov wrote: Hi Amish, Squid parsing code is tricky. tls_outgoing_options parsing code is triply so. Even its authors misinterpret it! I assume you have removed multiple tls_outgoing_options directives from your configuration before testing. If you ha

Re: [squid-users] LEGACY_SERVER_CONNECT, ALLOW_UNSAFE_LEGACY_RENEGOTIATION does not work - SSL bump, OpenSSL 3

2022-12-28 Thread Alex Rousskov
Hi Amish, Squid parsing code is tricky. tls_outgoing_options parsing code is triply so. Even its authors misinterpret it! I assume you have removed multiple tls_outgoing_options directives from your configuration before testing. If you have not, please merge those directives into one and