Re: A selection of SSL bugs...

From: <rstagg@dont-contact.us>
Date: Thu, 22 Oct 1998 10:50:08 +0100

Henrik,

I owe you an apology for being a doubting Thomas!

I just tried this again with IE4 and it worked like a charm, first time,
perfectly. The culprit is Netscape 4.05!

I'm just off to let Netscape know about this fault, and then I might go and
buy a hair-shirt :-)

Thanks for your time!

Richard Stagg

Henrik Nordstrom <hno@hem.passagen.se>
22/10/98 09:20

To: Richard Stagg/TMU/CSC
cc: squid-users@ircache.net, Andrew G Winfer/UK/CSC
Subject: Re: A selection of SSL bugs...

Squid does NOT support SSL, it supports SSL tunneling using the CONNECT
method.
If you get erronous CONNECT requests then this is a client problem, not
a Squid problem. A proper CONNECT request for
"https://c123456:98765@www.wibble.com" is "CONNECT www.wibble.com:443"
You can't use a redirector to redirect requests to https, unless you
redirect them using a HTTP redirect (telling the client to use https
instead).
Squid 1.X has quite limited forwarding capabilities for SSL. I'd
recommend you to look into Squid 2 to solve your firewall + local domain
problem.

---
Henrik Nordstrom
Spare time Squid hacker
Received on Thu Oct 22 1998 - 03:54:36 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:42:45 MST