Re: [squid-users] squid 5.0.4 cache_peer bug on https outgoing

2020-09-28 Thread openwrt
It worked. thanks. Alex Rousskov 于2020年9月28日周一 下午9:52写道: > On 9/28/20 5:39 AM, openwrt wrote: > > > The bug is that cache_peer https CONNECT drops the port number > > Please try the attached patch. > > Thank you, > > Alex. > > > > squid cache_peer https CONNECT packet. > > > > CONNECT d.qqq.win

Re: [squid-users] squid 5.0.4 cache_peer bug on https outgoing

2020-09-28 Thread Alex Rousskov
On 9/28/20 5:39 AM, openwrt wrote: > The bug is that cache_peer https CONNECT drops the port number Please try the attached patch. Thank you, Alex. > squid cache_peer https CONNECT packet. > > CONNECT d.qqq.win  HTTP/1.1 (bad format: without port) > > 0040   d1 d8 43 4f 4e 4e 45 43 54 20 64

Re: [squid-users] squid 5.0.4 cache_peer bug on https outgoing

2020-09-28 Thread Amos Jeffries
On 28/09/20 10:39 pm, openwrt wrote: > I located the bug and found a another way to deal with it. > > The bug is that cache_peer https CONNECT drops the port number > > If you do the compatibility treatment on the back of the agent software, > you can solve this problem > > However, it would be

Re: [squid-users] squid 5.0.4 cache_peer bug on https outgoing

2020-09-28 Thread Amos Jeffries
On 28/09/20 6:41 pm, openwrt wrote: > Yes, I've tried all of these combinations. > > ### 0x00 cache_peer no ssl > >> ssl_bump allow all "allow" is not a SSL-Bump action type for any version of Squid. AFAIK, SSL-Bump falls back to

Re: [squid-users] squid 5.0.4 cache_peer bug on https outgoing

2020-09-28 Thread openwrt
I located the bug and found a another way to deal with it. The bug is that cache_peer https CONNECT drops the port number If you do the compatibility treatment on the back of the agent software, you can solve this problem However, it would be best if it was resolved on squid. ### 0x01 wireshare

Re: [squid-users] squid 5.0.4 cache_peer bug on https outgoing

2020-09-27 Thread openwrt
Yes, I've tried all of these combinations. ### 0x00 cache_peer no ssl > ssl_bump allow all > cache_peer 127.0.0.1 parent 3129 0 【no ssl】 curl http://google.com -x http://admin:squid@localhost :3128 -v -k 【it is ok】 curl https://google.com -x https://admin:squid@localhos

Re: [squid-users] squid 5.0.4 cache_peer bug on https outgoing

2020-09-27 Thread Alex Rousskov
On 9/27/20 12:07 PM, sec wrote: > http_port 3128 ssl-bump ... > curl http://google.com -x https://admin:squid@localhost:3128 -v -k The above two lines do not match AFAICT: You tell curl to use an HTTPS proxy, but you tell Squid to expect plain HTTP proxy requests. Also, please note that if you

[squid-users] squid 5.0.4 cache_peer bug on https outgoing

2020-09-27 Thread sec
X-Squid-Error: ERR_SECURE_CONNECT_FAIL 71 Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE) ### 0x01 squid version squid -v Squid Cache: Version 5.0.4 Service Name: squid This binary uses OpenSSL 1.0.2g 1 Mar 2016. For legal restrictions on distribution see https://www.openssl.org/source/li