[squid-users] Re: Squid 3.3.4 - Zero Sized Reply for HTTP POST

2014-04-16 Thread tomsl
Additional information: This only happens when squid uses HTTPS to connect to the origin server. HTTP appears to work fine. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-3-3-4-Zero-Sized-Reply-for-HTTP-POST-tp4665601p4665609.html Sent from the Squid -

[squid-users] Happy eyeballs and https

2014-04-16 Thread Rob van der Putten
Hi there Happy eyeballs (IPv4 fallback) doesn't seem to work with https (Squid 3.3). Works OK with http. Any suggestions? Regards, Rob

Re: [squid-users] Happy eyeballs and https

2014-04-16 Thread Amos Jeffries
On 16/04/2014 10:45 p.m., Rob van der Putten wrote: > Hi there > > > Happy eyeballs (IPv4 fallback) doesn't seem to work with https (Squid > 3.3). Works OK with http. > Any suggestions? If the TCP connection to server succeeds itis a success from the HTTP layers viewpoint. Whatever happens with

[squid-users] Re: Happy eyeballs and https

2014-04-16 Thread Rob van der Putten
Hi there Amos Jeffries wrote: If the TCP connection to server succeeds itis a success from the HTTP layers viewpoint. Whatever happens with the TLS or wrapped HTTP layer inside the tunnel is between the server and client alone. So, what is the failure *exactly*? This morning my isp's tunnel

[squid-users] Squid 3.4.4 and SSL Bump not working (error (92) Protocol not available)

2014-04-16 Thread Ict Security
Hello to everybody, we use Squid for http transparent proxyging and everything is all right. I followed some howtos and we add SSL Bump transparent interception. In squid.conf i have: http_port 3127 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squ

Re: [squid-users] Squid 3.4.4 and SSL Bump not working (error (92) Protocol not available)

2014-04-16 Thread Amm
On 04/16/2014 07:45 PM, Ict Security wrote: Hello to everybody, we use Squid for http transparent proxyging and everything is all right. http_port 3127 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/myCA.pem -A PREROUTING -p tcp -s 192.

[squid-users] Re: Happy eyeballs and https

2014-04-16 Thread Rob van der Putten
Hi there Rob van der Putten wrote: This morning my isp's tunnelserver (6in4) failed. This happened after replacing a router. I don't know if this is an IPv4 router, IPv6 or both. I couldn't ping the remote IPv6 address of the tunnel, or the IPv4 address of the tunnel server. Things returned to

Re: [squid-users] Re: Happy eyeballs and https

2014-04-16 Thread Amos Jeffries
On 17/04/2014 2:30 a.m., Rob van der Putten wrote: > Hi there > > > Rob van der Putten wrote: > >> This morning my isp's tunnelserver (6in4) failed. This happened after >> replacing a router. I don't know if this is an IPv4 router, IPv6 or both. >> I couldn't ping the remote IPv6 address of the

[squid-users] Re: Happy eyeballs and https

2014-04-16 Thread Rob van der Putten
Hi there Amos Jeffries wrote: If you have time to dig into it the logics or CONNECT are in src/tunnel.cc. NP: The peerSelect logics produce a list of potential destinations which are supposed to be walked through and attempted until one succeeds. Failure sent to the client only when there are

Re: [squid-users] Cache Chrome updates

2014-04-16 Thread Eliezer Croitoru
Hey Amos, I have a tiny question which I am not sure about the answer(related to the topic). What would happen in the case which we deny reply or request headers? Would squid look at the Vary (headers as an example) and decide if it's a "Vary" object or it would "see" the request or\and respon

Re: [squid-users] Re: Squid 3.3.4 - Zero Sized Reply for HTTP POST

2014-04-16 Thread Eliezer Croitoru
On 04/16/2014 01:36 PM, tomsl wrote: Additional information: This only happens when squid uses HTTPS to connect to the origin server. HTTP appears to work fine. This issue was as a topic before but never really had the chance of verifying the issue fully. Can you file a bug in the bugzilla? ht

[squid-users] generate-host-certficates

2014-04-16 Thread James Lay
From the squid.conf.documented: # SSL Bump Mode Options: # In addition to these options ssl-bump requires TLS/SSL options. # # generate-host-certificates[=] # Dynamically create SSL server certificates for the # destination hosts