As discussed in squid-users mailing list under the "Bypassing SSL Bump
for dstdomain" thread the "ssl_bump none" does not work for ipv6.
When squid decides that it is not needed bumping for a request creates
fake CONENCT request and pass it to tunnel subsystem for more processing.
The problem is that for ipv6 the ip address in URLs and in Host header
should appeared inside brackets:
http://[2001:db8:85a3:8d3:1319:8a2e:370:7348]/
Or:
https://[2001:db8:85a3:8d3:1319:8a2e:370:7348]:443/
Currently squid does not uses brackets in the case of ipv6 so the
request can not parsed correctly.
I am attaching a patch which solves this bug.
Regards,
Christos
This archive was generated by hypermail 2.2.0 : Sat Mar 09 2013 - 12:00:12 MST