On 16/12/2015 9:17 a.m., Alex Rousskov wrote: > On 12/15/2015 12:46 PM, HackXBack wrote: >> why i cant bump ssl conection with android >> my squid conf is > >> ssl_bump bump ssl_step2 SNIGroup5 >> ssl_bump splice all > > > In modern Squids, your configuration above is equivalent to: > > ssl_bump splice all > > because, during the very first SslBump processing step (step1), your > bump rule never matches while your splice rule always does. Once the > final rule (bump, splice, or terminate) matches, Squid performs the > matched action and stops further SslBump rules processing. Um, I dont think so. There is a "peek step1" hiding a few lines above that. So it should be peek at step 1, bump or splice at step 2. HackXBack: you mention TAG_NONE. That means bump did start happening. Splice or nothing at all would be TCP_TUNNEL in the log. This is sounding just like the Solaris timeout issues Yuri was having before we fixed /dev/poll in 3.5.11. We continue to find and fix issues with bumping though, so 3.5.12 is needed. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
