On 25/09/2015 2:13 a.m., Yuri Voinov wrote: > > 24.09.15 7:12, Amos Jeffries пишет: >> On 24/09/2015 2:04 a.m., Yuri Voinov wrote: >>> >>> Through assertion and then restarts squid: >>> >>> 2015/09/23 20:03:25 kid1| Validated 35899 Entries >>> 2015/09/23 20:03:25 kid1| store_swap_size = 1730768.00 KB >>> 2015/09/23 20:03:26 kid1| storeLateRelease: released 0 objects >>> 2015/09/23 20:03:26 kid1| assertion failed: PeerConnector.cc:116: >>> "peer->use_ssl" >>> 2015/09/23 20:03:30 kid1| Set Current Directory to /var/cache/squid >>> 2015/09/23 20:03:30 kid1| Starting Squid Cache version >>> 3.5.7-20150808-r13884 for x86_64-unknown-cygwin... >>> 2015/09/23 20:03:30 kid1| Service Name: squid >>> 2015/09/23 20:03:30 kid1| Process ID 11160 > >> There you go. The peering ACLs are working. > >> Now you need to fix the ssl_bump rules such that the torproject traffic >> does not require bump/decrypt before sending over the insecure peer >> connection. Squid does not support re-encrypt. > Huh. It works. Thank your, Amos! > > >> Please use 3.5.9 for that part. > 3.5.9 does support re-encrypt? No, but it has better ssl_bump processing and more SNI related functonality that may allow you to avoid having to decrypt in the first place. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
