[squid-users] TCP_DENIED/403 after Upgrading from 3.4.4 to 3.4.7 (ssl_bump enabled)

Hi After upgrading squid 3.4.4 to 3.4.7 (64Bit, self-compiled, the same configure-options, the same config-file, ssl_bump with "ssl_bump server-first all" enabled), I'm no more able to access bumped https-sites because of a TCP_DENIED/403. #-- relevant parts of squid.conf ---

Re: [squid-users] TCP_DENIED/403 after Upgrading from 3.4.4 to 3.4.7 (ssl_bump enabled)

I think, this behaviour was introduced with squid 3.4.4.1 (http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13113.patch). I don't exactly understand this behaviour. Any hints for this? Thanks a lot. Kind regards, Tom On Mon, Oct 6, 2014 at 11:59 AM, Tom Tom wrote: > Hi > > After

Re: [squid-users] TCP_DENIED/403 after Upgrading from 3.4.4 to 3.4.7 (ssl_bump enabled)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 9/10/2014 2:09 a.m., Tom Tom wrote: > I think, this behaviour was introduced with squid 3.4.4.1 > (http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13113.patch). > > I don't exactly understand this behaviour. Any hints for this? Ah

Re: [squid-users] TCP_DENIED/403 after Upgrading from 3.4.4 to 3.4.7 (ssl_bump enabled)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 9/10/2014 3:21 a.m., Amos Jeffries wrote: > On 9/10/2014 2:09 a.m., Tom Tom wrote: >> I think, this behaviour was introduced with squid 3.4.4.1 >> (http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13113.patch). > >> I don't exactly

Re: [squid-users] TCP_DENIED/403 after Upgrading from 3.4.4 to 3.4.7 (ssl_bump enabled)

I still get a TCP_DENIED/403 while accessing a bumped https-site after putting a "-" or even "^root$" in /etc/squid/DENY_USERS_LOCAL. The cache.log with "debug_options 29,3 28,9" activated looks like this: 014/10/08 20:03:00.539 kid2| Acl.cc(157) matches: checking DENY_USERS_LOCAL 2014/10/08 20:03

Re: [squid-users] TCP_DENIED/403 after Upgrading from 3.4.4 to 3.4.7 (ssl_bump enabled)

Hi Does anyone have some ideas/hints concerning this problem? Many thanks. Tom On Wed, Oct 8, 2014 at 8:16 PM, Tom Tom wrote: > I still get a TCP_DENIED/403 while accessing a bumped https-site after > putting a "-" or even "^root$" in /etc/squid/DENY_USERS_LOCAL. The > cache.log with "debug_opt

Re: [squid-users] TCP_DENIED/403 after Upgrading from 3.4.4 to 3.4.7 (ssl_bump enabled)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 13/10/2014 6:26 p.m., Tom Tom wrote: > Hi > > Does anyone have some ideas/hints concerning this problem? I am looking into it and fairly sure its a bug in how the ACL result is returning 1 == ALLOWED. But that was done to solve another bug in auth

Re: [squid-users] TCP_DENIED/403 after Upgrading from 3.4.4 to 3.4.7 (ssl_bump enabled)

Hi Amos Do you have new findings? Should I open a bug for better tracking? Kind regards, Tom On Mon, Oct 13, 2014 at 8:16 AM, Amos Jeffries wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 13/10/2014 6:26 p.m., Tom Tom wrote: >> Hi >> >> Does anyone have some ideas/hints concerni

Re: [squid-users] TCP_DENIED/403 after Upgrading from 3.4.4 to 3.4.7 (ssl_bump enabled)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 20/10/2014 6:18 p.m., Tom Tom wrote: > Hi Amos > > Do you have new findings? Should I open a bug for better tracking? > I got nothing new sorry. Yes a bug tracker would be useful to keep track of it. Amos > Kind regards, Tom > > On Mon, Oct 13

Re: [squid-users] TCP_DENIED/403 after Upgrading from 3.4.4 to 3.4.7 (ssl_bump enabled)

Entry created in bugzilla: http://bugs.squid-cache.org/show_bug.cgi?id=4122 On Mon, Oct 20, 2014 at 7:25 AM, Amos Jeffries wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 20/10/2014 6:18 p.m., Tom Tom wrote: >> Hi Amos >> >> Do you have new findings? Should I open a bug for bett