
Re: Wrong req_header result in cache_peer_access when using ssl_bump


Please excuse my persistence, but when that condition was introduced, in [2011](https://github.com/squid-cache/squid/commit/9d7a49fb719dcd9ec22a8d3116e888c6e93c5dbb), it was meant to prevent forwarding unencrypted requests. You can see that there is no check whether `cache_peer` is using ssl, in which case requests would be encrypted, after all.

I think that condition shouldn't include `cache_peer`s with ssl.



Mihai Ene
Software Developer

UB | Your universal basket

@shop_ub

On Thu, Jul 21, 2016 at 6:51 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
On 21/07/2016 3:36 a.m., Mihai Ene wrote:
>> Squid SHOULD be able to send SSL-bump decrypted traffic to a cache_peer
>> with 'ssl' flag set.
>
> But squid's source code says otherwise:
> https://github.com/squid-cache/squid/blob/23f981d410009ba5aee455144d18b4178d042b34/src/FwdState.cc#L816
>
> Besides, I'm seeing that `debugs` output on line 819 in my logs when
> testing with an ssl enabled cache_peer.
>

Ah, darn. Sorry. You are right. I was mistaking the originserver peer case.

Amos


_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
