On 15/11/2015 11:52 a.m., Alex Rousskov wrote: > On 11/14/2015 12:42 PM, Stefan Kutzke wrote: > >> I have built a RPM package with latest 3.5.11 source based >> on http://www1.ngtech.co.il/repo/centos/6/SRPMS/squid-3.5.9-1.el6.src.rpm >> Squid is configured with SSL bump similar to the configuration suggested >> by Sebastian. > > ... > >> 2015/11/10 19:24:30.181 kid1| 33,5|... >> 2015/11/10 19:25:30.016 kid1| 33,3| AsyncCall.cc(93) ScheduleCall: >> IoCallback.cc(135) will call >> ConnStateData::clientPinnedConnectionRead(local=172.31.1.15:49421 >> remote=212.45.105.89:443 FD 15 flags=1, flag=-10, data=0x19ced08) >> [call349] > > > This one second gap after a successful SSL negotiation with the origin > server is rather suspicious, but I am going to ignore it, go out on a > limb, and speculate that you might be suffering from the "Handshake > Problem during Renegotiation" bug that we recently fixed. I do not think > the fix has made it into v3.5 branch yet, but you can get our v3.5 patch > here: > > http://lists.squid-cache.org/pipermail/squid-dev/2015-November/003700.html > FYI: I've just done the backport. It will be in snapshot r13951 or later which should be available in 6-12hrs. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
