On 07/10/2012 09:25 PM, Amos Jeffries wrote:
> When the Upgrade: header is present and indicating some non-HTTPS
> protocol there is no reason to ssl-bump. Doing a bump would be
> detrimental to the client connection.
>
> This patch seeks to make bump only happen if:
> a) no Upgrade header is present (old-style HTTPS CONNECT)
> b) the Upgrade header indicates TLS/ protocol is being wrapped.
I like the intent, but this would be an easy way for somebody to prevent
Squid from bumping their connection, right? Since SslBump is used where
clients are not trusted by default, it feels wrong to give such an easy
default escape door, especially since the admin cannot close it.
Should we let the admin decide? We already have ACLs that can detect the
presence of an Upgrade CONNECT header, compare its value, etc. We can
recommend prohibiting bumping for non-TLS Upgrade CONNECTs in ssl_bump
documentation.
Thank you,
Alex.
Received on Wed Jul 11 2012 - 04:39:07 MDT
This archive was generated by hypermail 2.2.0 : Wed Jul 18 2012 - 12:00:03 MDT