On 22/07/2015 12:44 p.m., Alex Wu wrote: > it depends on how you set up squid, and where the connection is broken. The > patch addessed the issue that occured using sslbump and content redirect > together. >
I'd like some clarification what the exact problem symptoms are please. AFAIK, both redirect and re-write actions happen a relatively long time *after* the bumping TLS handshakes to server are completed. Its far too late to send the pre-handshake SNI data to the server. I can see this change as affecting reverse-proxy / CDN configurations with TLS on both connections. But you said this was SSL-bumping, and reverse-proxy configurations already have a cache_peer option to set the internal domain name without re-write/redirect. Amos _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
