Search squid archive

Re: Started testing squid-6.0.0-20210204-r5f37a71ac

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hey Alex,

Where exactly do you see Host Header Forgery in my last email?

Eliezer

* I wrote my own proxy for now.

----
Eliezer Croitoru
Tech Support
Mobile: +972-5-28704261
Email: ngtech1ltd@xxxxxxxxx
Zoom: Coming soon


-----Original Message-----
From: Alex Rousskov <rousskov@xxxxxxxxxxxxxxxxxxxxxxx> 
Sent: Thursday, February 11, 2021 7:02 PM
To: Eliezer Croitoru <ngtech1ltd@xxxxxxxxx>; squid-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re:  Started testing squid-6.0.0-20210204-r5f37a71ac

On 2/11/21 10:41 AM, Eliezer Croitoru wrote:

> The issue that makes it's impossible to surf not to cache.
> The 
>> 2021/02/07 19:46:07 kid1| ERROR: failure while accepting a TLS
>> connection on conn2195 local=216.58.198.67:443
>> remote=192.168.189.94:41724 FD 104 flags=33: 0x55cf6a6debe0*1
>>
>>     current master transaction: master78
>>
>> which is a google host related issue.
> 
> The access to google hosts seems to be the main issue here.

How is this different from the host forgery related discussions we
recently had? I consider the general "What can we do about host forgery
errors?"  question answered already. If you disagree with those answers,
we can discuss further, but, to make progress, you need to say
explicitly which answer you disagree with and why.

Alex.


> -----Original Message-----
> From: Alex Rousskov <rousskov@xxxxxxxxxxxxxxxxxxxxxxx> 
> Sent: Tuesday, February 9, 2021 11:03 PM
> To: Eliezer Croitoru <ngtech1ltd@xxxxxxxxx>;
> squid-users@xxxxxxxxxxxxxxxxxxxxx
> Subject: Re:  Started testing squid-6.0.0-20210204-r5f37a71ac
> 
> On 2/7/21 12:47 PM, Eliezer Croitoru wrote:
>> I move on to testing squid-6.0.0-20210204-r5f37a71ac
>>
>> Most of the issues I see are related to Host header forgery detection.
>>
>> I do see that the main issue with TLS is similar to:
>>
>> 2021/02/07 19:46:07 kid1| ERROR: failure while accepting a TLS
>> connection on conn2195 local=216.58.198.67:443
>> remote=192.168.189.94:41724 FD 104 flags=33: 0x55cf6a6debe0*1
>>
>>     current master transaction: master78
>>
>> which is a google host related issue.
> 
> 
>> Alex and Amos,
>>
>> Can the project do something about this?
>  FWIW, I do not understand what you are asking about -- it is not clear
> to me what "this" is in the context of your question. As you know, there
> have been several recent discussions about host header forgery detection
> problems. It is not clear to me whether you are asking about some
> specific new case or want to revisit some specific aspects of those
> discussions.
> 
> Alex.
> 

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux