[squid-dev] forward bumped traffic to parent in plain form

Alex Rousskov rousskov at measurement-factory.com
Fri Apr 3 15:47:26 UTC 2026

Previous message (by thread): [squid-dev] forward bumped traffic to parent in plain form
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2026-04-03 07:20, Anthony Pankov wrote:
> 
> I've tried to call getSslContextStart() in startPeakAndSplice().
> 
> But the problem is:
> getSslContextStart() return synchronously in most cases after calling getSslContextDone().
> 
> But in the case of #if USE_SSL_CRTD (my case) it return after sending request to CRTD without calling getSslContextDone().
> getSslContextDone() will be called further in sslCrtdHandleReplyWrapper().
> 
> So we are back in startPeakAndSplice() without getSslContextDone() and connections are closed.
> 
> Is there a preferred way to solve this problem?

AFAICT, in your case, startPeekAndSplice() should do nothing when the 
added getSslContextStart() call returns. From 
https://ml-archives.squid-cache.org/squid-dev/2026-March/009992.html : 
getSslContextStart() should eventually trigger a call to 
getSslContextDone() with a non-nil Security::ContextPointer that calls 
httpsCreate() with the transaction-specific security context (SNI, etc.).

That eventual httpsCreate() call should advance the transaction further.

I am sure more changes will be needed.

HTH,

Alex.

Previous message (by thread): [squid-dev] forward bumped traffic to parent in plain form
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the squid-dev mailing list