Re: [squid-users] Skype Issues

2016-06-30 Thread Marcus Kool
On 06/30/2016 09:10 AM, Amos Jeffries wrote: ... The on_unsupported_protocol directive is about what its name says *any* unsupported protocol. Not ICQ specific. I think the issue here is that Skype looks at the binary level like TLS. TLS being a supported protocol if it looks close enough

Re: [squid-users] Skype Issues

2016-06-30 Thread Amos Jeffries
On 30/06/2016 5:19 a.m., Yuri Voinov wrote: > > No, the problem in another place. > > This option about ICQ, not about Skype. > > 29.06.2016 22:58, Renato Jop пишет: >> I've installed squid4 and the problems still persists. I've added the >> following acl: >> # define what Squid errors

Re: [squid-users] Skype Issues

2016-06-29 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 No, the problem in another place. This option about ICQ, not about Skype. 29.06.2016 22:58, Renato Jop пишет: > I've installed squid4 and the problems still persists. I've added the > following acl: > # define what Squid errors indicate

Re: [squid-users] Skype Issues

2016-06-29 Thread Renato Jop
I've installed LibreSSL 2.2.9 and the issue still persists. I think I am going to have install squid4 even if it's still in beta to solve this issues. Thanks for your help. Renato Jop On Mon, Jun 27, 2016 at 9:36 AM, Renato Jop wrote: > Is there a way to verify that the SSL

Re: [squid-users] Skype Issues

2016-06-27 Thread Renato Jop
Is there a way to verify that the SSL library doesn't support SSLv3? Renato Jop On Mon, Jun 27, 2016 at 8:43 AM, Yuri wrote: > Looks like your SSL library does not contain SSLv3 protocol support > already, but site announce it. > > 27.06.2016 20:42, Renato Jop пишет: > > I

Re: [squid-users] Skype Issues

2016-06-27 Thread Yuri
Looks like your SSL library does not contain SSLv3 protocol support already, but site announce it. 27.06.2016 20:42, Renato Jop пишет: I removed the NO_SSLv2, NO_SSLv3 however, right before the SSL3_GET_RECORD:wrong version number the SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol is

Re: [squid-users] Skype Issues

2016-06-27 Thread Renato Jop
I removed the NO_SSLv2, NO_SSLv3 however, right before the SSL3_GET_RECORD:wrong version number the SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol is shown. Renato Jop On Mon, Jun 27, 2016 at 8:29 AM, Yuri wrote: > Try to remove NO_SSLv2,NO_SSLv3 from options. SSLv2

Re: [squid-users] Skype Issues

2016-06-27 Thread Yuri
Try to remove NO_SSLv2,NO_SSLv3 from options. SSLv2 already not supported everywhere, RC4/3DES is SSLv3 ciphers, so it can be confuse software. I.e., you use custom ciphers/protocols combinations, which can lead issue. 27.06.2016 20:25, Renato Jop пишет: Thank you both for your valuable

Re: [squid-users] Skype Issues

2016-06-27 Thread Renato Jop
Thank you both for your valuable help. I've configured the tls-dh param with a strong Diffie-Hellman group (2048 bits) and configured the cipher as Yuri specified and I was able to get pass the unknown cipher, however now I get a "SSL routines:SSL3_GET_RECORD:wrong version number". Here's the

Re: [squid-users] Skype Issues

2016-06-25 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 25.06.2016 23:09, Amos Jeffries пишет: > On 26/06/2016 4:32 a.m., Yuri Voinov wrote: >> >> Amos, you are a wrong. >> >> No Squid-4. It's unstable and not ready for production. Whenever it's >> features. > > So some beta software has bugs

Re: [squid-users] Skype Issues

2016-06-25 Thread Renato Jop
Thanks both for you help. I'll try to make this changes and see if this solves my issues. Renato Jop On Sat, Jun 25, 2016 at 10:32 AM, Yuri Voinov wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Amos, you are a wrong. > > No Squid-4. It's unstable and not

Re: [squid-users] Skype Issues

2016-06-25 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Amos, you are a wrong. No Squid-4. It's unstable and not ready for production. Whenever it's features. Some time ago I have the same issue and know what happens exactly. Skype initial connection site uses RC4 cipher. Which is disabled in most

Re: [squid-users] Skype Issues

2016-06-25 Thread Amos Jeffries
On 26/06/2016 1:19 a.m., Renato Jop wrote: > Hello, > I've configured squid to filter both HTTP and HTTPS traffic and for the > most part the squid server is working correctly, however, I am always > unable to login with skype. Skype does send all the requests through the > suid server, but

[squid-users] Skype Issues

2016-06-25 Thread Renato Jop
Hello, I've configured squid to filter both HTTP and HTTPS traffic and for the most part the squid server is working correctly, however, I am always unable to login with skype. Skype does send all the requests through the suid server, but looking into the cache.log I always get a Error