[squid-dev] forward bumped traffic to parent in plain form

Anthony Pankov anthony.pankov at yahoo.com
Thu Apr 16 11:41:21 UTC 2026

Previous message (by thread): [squid-dev] forward bumped traffic to parent in plain form
Next message (by thread): [squid-dev] forward bumped traffic to parent in plain form
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Alex,

>> Further, all code for mimicking(inheriting) certificate properties of
>> origin server should be involved only when step2 is a  peek/stare
>> mode.
>> > Does this match ideal logic behind sslbump in squid project?

> I hesitate calling any related logic "ideal", but I am not sure that current Squid works or should work the way you describe. AFAICT, according to SslPeekAndSplice, after step1, Squid interprets "bump" as

> * "talk to the server and then respond to the client" rather than
> * "respond to the client and then talk to the server".


Yes, I'm interesting how Squid should work.
If a bump after step1 defined as "talk to the server and then respond to the client" consequently Squid should not allow any "client-first" modes.
Otherwise term "bump" in configuration must be redefined or have to be interpreted conditionally. 


-- 
Best regards,
Anthony

Previous message (by thread): [squid-dev] forward bumped traffic to parent in plain form
Next message (by thread): [squid-dev] forward bumped traffic to parent in plain form
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the squid-dev mailing list