[squid-users] peek vs stare on step1

Anthony Pankov anthony.pankov at yahoo.com
Wed Mar 4 09:57:08 UTC 2026

Previous message (by thread): [squid-users] peek vs stare on step1
Next message (by thread): [squid-users] peek vs stare on step1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Matus,

Tuesday, March 3, 2026, 5:02:30 PM, you wrote:

> On 03.03.26 16:56, Anthony Pankov wrote:
>>I wander what action to choose for sslbump on step1.
>>
>>A documentation (https://wiki.squid-cache.org/Features/SslPeekAndSplice) said the same for both:
>>
>>"When a stare/peek rule matches during step1, Squid proceeds to step2 where it parses the TLS Client Hello and extracts SNI (if any)."

> Alex answered my questions about peek/splice 4 years ago, here's link:
> https://ml-archives.squid-cache.org/squid-users/2022-February/024589.html

> I hope it helps you at least a bit.

Thank you. As I can understand stare vs peek on step1 differentiated by default action (bump/splice) applied later when this action is not explicitly defined.

I'm confusing because code contain many things in terms clientFirst, serverFirst (for example const bool clientFirstBump = ) but in configuration its deprecated and no clue how it relate to peek/stare. Also there is a flag sslPeek but no flag sslStare. While sslPeek seems not related to peek/stare and mean "internal ssl-bump request to get server cert".

In conclusion my thought is that peek/stare on step1 are the same when every sslbump step is explicitly defined in configuration.

-- 
Best regards,
Anthony

Previous message (by thread): [squid-users] peek vs stare on step1
Next message (by thread): [squid-users] peek vs stare on step1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the squid-users mailing list