Hello Matus,
Tuesday, March 3, 2026, 5:02:30 PM, you wrote: > On 03.03.26 16:56, Anthony Pankov wrote: >>I wander what action to choose for sslbump on step1. >> >>A documentation (https://wiki.squid-cache.org/Features/SslPeekAndSplice) said >>the same for both: >> >>"When a stare/peek rule matches during step1, Squid proceeds to step2 where >>it parses the TLS Client Hello and extracts SNI (if any)." > Alex answered my questions about peek/splice 4 years ago, here's link: > https://ml-archives.squid-cache.org/squid-users/2022-February/024589.html > I hope it helps you at least a bit. Thank you. As I can understand stare vs peek on step1 differentiated by default action (bump/splice) applied later when this action is not explicitly defined. I'm confusing because code contain many things in terms clientFirst, serverFirst (for example const bool clientFirstBump = ) but in configuration its deprecated and no clue how it relate to peek/stare. Also there is a flag sslPeek but no flag sslStare. While sslPeek seems not related to peek/stare and mean "internal ssl-bump request to get server cert". In conclusion my thought is that peek/stare on step1 are the same when every sslbump step is explicitly defined in configuration. -- Best regards, Anthony _______________________________________________ squid-users mailing list [email protected] https://lists.squid-cache.org/listinfo/squid-users
