2026-03-04

Author: squidadm

squid-dev/2026-March.txt

@@ -0,0 +1,31 @@
+From anthony.pankov at yahoo.com  Wed Mar  4 16:03:28 2026
+From: anthony.pankov at yahoo.com (Anthony Pankov)
+Date: Wed, 4 Mar 2026 19:03:28 +0300
+Subject: [squid-dev] forward bumped traffic to parent in plain form
+References: <1985119311.20260304190328.ref@yahoo.com>
+Message-ID: <1985119311.20260304190328@yahoo.com>
+
+Hello,
+
+I still want to modify squid in such a way that it can forward clients http traffic to a parent cache in plain form.
+I mean after bumping ssl (forntend-squid establish tls connection with a client) requests from client should goes to parent cache as a plain http ( GET etc.) That is, using parent cache as in good old days without https.
+
+Connection between squids servers is already encrypted so I don't need any additional tls(security) layer.
+
+Also, for simplification, I assume never_direct directive for this traffic on a front-end.
+I understand that it will preclude any checks for origin server certificate but this is not a problem because policy for origin may be applied in a parent cache.
+
+I tried to modify FwdState::noteConnection to avoid establishTunnelThruProxy() and FwdState::secureConnectionToPeerIfNeeded  to avoid secureConnectionToPeer() but has no lack.
+
+They use request.flags  sslBumped and sslPeek that I do not fully understand. sslPeek described as "internal ssl-bump request to get server cert" but it always True when I'm in noteConnection.
+
+Also I noted  async SslBumpEstablish which call switchToHttps. Because of asyncs I can't fully understand where I can preclude switching connections to parent cache to "CONNECT" mode rather than using it plain.
+
+Any help would be appreciated. 
+
+
+-- 
+Best regards,
+ Anthony                          mailto:anthony.pankov at yahoo.com
+
+

squid-dev/2026-March/009979.html

@@ -0,0 +1,79 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<HTML>
+ <HEAD>
+   <TITLE> [squid-dev] forward bumped traffic to parent in plain form
+   </TITLE>
+   <LINK REL="Index" HREF="index.html" >
+   <LINK REL="made" HREF="mailto:squid-dev%40lists.squid-cache.org?Subject=Re%3A%20%5Bsquid-dev%5D%20forward%20bumped%20traffic%20to%20parent%20in%20plain%20form&In-Reply-To=%3C1985119311.20260304190328%40yahoo.com%3E">
+   <META NAME="robots" CONTENT="index,nofollow">
+   <style type="text/css">
+       pre {
+           white-space: pre-wrap;       /* css-2.1, curent FF, Opera, Safari */
+           }
+   </style>
+   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+   
+   
+ </HEAD>
+ <BODY BGCOLOR="#ffffff">
+   <H1>[squid-dev] forward bumped traffic to parent in plain form</H1>
+    <B>Anthony Pankov</B> 
+    <A HREF="mailto:squid-dev%40lists.squid-cache.org?Subject=Re%3A%20%5Bsquid-dev%5D%20forward%20bumped%20traffic%20to%20parent%20in%20plain%20form&In-Reply-To=%3C1985119311.20260304190328%40yahoo.com%3E"
+       TITLE="[squid-dev] forward bumped traffic to parent in plain form">anthony.pankov at yahoo.com
+       </A><BR>
+    <I>Wed Mar  4 16:03:28 UTC 2026</I>
+    <P><UL>
+        
+        
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#9979">[ date ]</a>
+              <a href="thread.html#9979">[ thread ]</a>
+              <a href="subject.html#9979">[ subject ]</a>
+              <a href="author.html#9979">[ author ]</a>
+         </LI>
+       </UL>
+    <HR>  
+<!--beginarticle-->
+<PRE>Hello,
+
+I still want to modify squid in such a way that it can forward clients http traffic to a parent cache in plain form.
+I mean after bumping ssl (forntend-squid establish tls connection with a client) requests from client should goes to parent cache as a plain http ( GET etc.) That is, using parent cache as in good old days without https.
+
+Connection between squids servers is already encrypted so I don't need any additional tls(security) layer.
+
+Also, for simplification, I assume never_direct directive for this traffic on a front-end.
+I understand that it will preclude any checks for origin server certificate but this is not a problem because policy for origin may be applied in a parent cache.
+
+I tried to modify FwdState::noteConnection to avoid establishTunnelThruProxy() and FwdState::secureConnectionToPeerIfNeeded  to avoid secureConnectionToPeer() but has no lack.
+
+They use request.flags  sslBumped and sslPeek that I do not fully understand. sslPeek described as &quot;internal ssl-bump request to get server cert&quot; but it always True when I'm in noteConnection.
+
+Also I noted  async SslBumpEstablish which call switchToHttps. Because of asyncs I can't fully understand where I can preclude switching connections to parent cache to &quot;CONNECT&quot; mode rather than using it plain.
+
+Any help would be appreciated. 
+
+
+-- 
+Best regards,
+ Anthony                          mailto:<A HREF="https://lists.squid-cache.org/listinfo/squid-dev">anthony.pankov at yahoo.com</A>
+
+</PRE>
+
+<!--endarticle-->
+    <HR>
+    <P><UL>
+        <!--threads-->
+	
+	
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#9979">[ date ]</a>
+              <a href="thread.html#9979">[ thread ]</a>
+              <a href="subject.html#9979">[ subject ]</a>
+              <a href="author.html#9979">[ author ]</a>
+         </LI>
+       </UL>
+
+<hr>
+<a href="https://lists.squid-cache.org/listinfo/squid-dev">More information about the squid-dev
+mailing list</a><br>
+</body></html>

squid-dev/2026-March/author.html

@@ -0,0 +1,52 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<HTML>
+  <HEAD>
+     <title>The squid-dev March 2026 Archive by author</title>
+     <META NAME="robots" CONTENT="noindex,follow">
+     <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+  </HEAD>
+  <BODY BGCOLOR="#ffffff">
+      <a name="start"></A>
+      <h1>March 2026 Archives by author</h1>
+      <ul>
+         <li> <b>Messages sorted by:</b>
+	        <a href="thread.html#start">[ thread ]</a>
+		<a href="subject.html#start">[ subject ]</a>
+		
+		<a href="date.html#start">[ date ]</a>
+
+	     <li><b><a href="https://lists.squid-cache.org/listinfo/squid-dev">More info on this list...
+                    </a></b></li>
+      </ul>
+      <p><b>Starting:</b> <i>Wed Mar  4 16:03:28 UTC 2026</i><br>
+         <b>Ending:</b> <i>Wed Mar  4 16:03:28 UTC 2026</i><br>
+         <b>Messages:</b> 1<p>
+     <ul>
+
+<LI><A HREF="009979.html">[squid-dev] forward bumped traffic to parent in plain form
+</A><A NAME="9979">&nbsp;</A>
+<I>Anthony Pankov
+</I>
+
+    </ul>
+    <p>
+      <a name="end"><b>Last message date:</b></a> 
+       <i>Wed Mar  4 16:03:28 UTC 2026</i><br>
+    <b>Archived on:</b> <i>Wed Mar  4 16:03:19 UTC 2026</i>
+    <p>
+   <ul>
+         <li> <b>Messages sorted by:</b>
+	        <a href="thread.html#start">[ thread ]</a>
+		<a href="subject.html#start">[ subject ]</a>
+		
+		<a href="date.html#start">[ date ]</a>
+	     <li><b><a href="https://lists.squid-cache.org/listinfo/squid-dev">More info on this list...
+                    </a></b></li>
+     </ul>
+     <p>
+     <hr>
+     <i>This archive was generated by
+     Pipermail 0.09 (Mailman edition).</i>
+  </BODY>
+</HTML>
+

squid-dev/2026-March/date.html

@@ -0,0 +1,52 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<HTML>
+  <HEAD>
+     <title>The squid-dev March 2026 Archive by date</title>
+     <META NAME="robots" CONTENT="noindex,follow">
+     <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+  </HEAD>
+  <BODY BGCOLOR="#ffffff">
+      <a name="start"></A>
+      <h1>March 2026 Archives by date</h1>
+      <ul>
+         <li> <b>Messages sorted by:</b>
+	        <a href="thread.html#start">[ thread ]</a>
+		<a href="subject.html#start">[ subject ]</a>
+		<a href="author.html#start">[ author ]</a>
+		
+
+	     <li><b><a href="https://lists.squid-cache.org/listinfo/squid-dev">More info on this list...
+                    </a></b></li>
+      </ul>
+      <p><b>Starting:</b> <i>Wed Mar  4 16:03:28 UTC 2026</i><br>
+         <b>Ending:</b> <i>Wed Mar  4 16:03:28 UTC 2026</i><br>
+         <b>Messages:</b> 1<p>
+     <ul>
+
+<LI><A HREF="009979.html">[squid-dev] forward bumped traffic to parent in plain form
+</A><A NAME="9979">&nbsp;</A>
+<I>Anthony Pankov
+</I>
+
+    </ul>
+    <p>
+      <a name="end"><b>Last message date:</b></a> 
+       <i>Wed Mar  4 16:03:28 UTC 2026</i><br>
+    <b>Archived on:</b> <i>Wed Mar  4 16:03:19 UTC 2026</i>
+    <p>
+   <ul>
+         <li> <b>Messages sorted by:</b>
+	        <a href="thread.html#start">[ thread ]</a>
+		<a href="subject.html#start">[ subject ]</a>
+		<a href="author.html#start">[ author ]</a>
+		
+	     <li><b><a href="https://lists.squid-cache.org/listinfo/squid-dev">More info on this list...
+                    </a></b></li>
+     </ul>
+     <p>
+     <hr>
+     <i>This archive was generated by
+     Pipermail 0.09 (Mailman edition).</i>
+  </BODY>
+</HTML>
+

squid-dev/2026-March/index.html

@@ -0,0 +1 @@
+thread.html

squid-dev/2026-March/subject.html

@@ -0,0 +1,52 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<HTML>
+  <HEAD>
+     <title>The squid-dev March 2026 Archive by subject</title>
+     <META NAME="robots" CONTENT="noindex,follow">
+     <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+  </HEAD>
+  <BODY BGCOLOR="#ffffff">
+      <a name="start"></A>
+      <h1>March 2026 Archives by subject</h1>
+      <ul>
+         <li> <b>Messages sorted by:</b>
+	        <a href="thread.html#start">[ thread ]</a>
+		
+		<a href="author.html#start">[ author ]</a>
+		<a href="date.html#start">[ date ]</a>
+
+	     <li><b><a href="https://lists.squid-cache.org/listinfo/squid-dev">More info on this list...
+                    </a></b></li>
+      </ul>
+      <p><b>Starting:</b> <i>Wed Mar  4 16:03:28 UTC 2026</i><br>
+         <b>Ending:</b> <i>Wed Mar  4 16:03:28 UTC 2026</i><br>
+         <b>Messages:</b> 1<p>
+     <ul>
+
+<LI><A HREF="009979.html">[squid-dev] forward bumped traffic to parent in plain form
+</A><A NAME="9979">&nbsp;</A>
+<I>Anthony Pankov
+</I>
+
+    </ul>
+    <p>
+      <a name="end"><b>Last message date:</b></a> 
+       <i>Wed Mar  4 16:03:28 UTC 2026</i><br>
+    <b>Archived on:</b> <i>Wed Mar  4 16:03:19 UTC 2026</i>
+    <p>
+   <ul>
+         <li> <b>Messages sorted by:</b>
+	        <a href="thread.html#start">[ thread ]</a>
+		
+		<a href="author.html#start">[ author ]</a>
+		<a href="date.html#start">[ date ]</a>
+	     <li><b><a href="https://lists.squid-cache.org/listinfo/squid-dev">More info on this list...
+                    </a></b></li>
+     </ul>
+     <p>
+     <hr>
+     <i>This archive was generated by
+     Pipermail 0.09 (Mailman edition).</i>
+  </BODY>
+</HTML>
+

squid-dev/2026-March/thread.html

@@ -0,0 +1,53 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<HTML>
+  <HEAD>
+     <title>The squid-dev March 2026 Archive by thread</title>
+     <META NAME="robots" CONTENT="noindex,follow">
+     <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+  </HEAD>
+  <BODY BGCOLOR="#ffffff">
+      <a name="start"></A>
+      <h1>March 2026 Archives by thread</h1>
+      <ul>
+         <li> <b>Messages sorted by:</b>
+	        
+		<a href="subject.html#start">[ subject ]</a>
+		<a href="author.html#start">[ author ]</a>
+		<a href="date.html#start">[ date ]</a>
+
+	     <li><b><a href="https://lists.squid-cache.org/listinfo/squid-dev">More info on this list...
+                    </a></b></li>
+      </ul>
+      <p><b>Starting:</b> <i>Wed Mar  4 16:03:28 UTC 2026</i><br>
+         <b>Ending:</b> <i>Wed Mar  4 16:03:28 UTC 2026</i><br>
+         <b>Messages:</b> 1<p>
+     <ul>
+
+<!--0 01772640208.9979- -->
+<LI><A HREF="009979.html">[squid-dev] forward bumped traffic to parent in plain form
+</A><A NAME="9979">&nbsp;</A>
+<I>Anthony Pankov
+</I>
+
+    </ul>
+    <p>
+      <a name="end"><b>Last message date:</b></a> 
+       <i>Wed Mar  4 16:03:28 UTC 2026</i><br>
+    <b>Archived on:</b> <i>Wed Mar  4 16:03:19 UTC 2026</i>
+    <p>
+   <ul>
+         <li> <b>Messages sorted by:</b>
+	        
+		<a href="subject.html#start">[ subject ]</a>
+		<a href="author.html#start">[ author ]</a>
+		<a href="date.html#start">[ date ]</a>
+	     <li><b><a href="https://lists.squid-cache.org/listinfo/squid-dev">More info on this list...
+                    </a></b></li>
+     </ul>
+     <p>
+     <hr>
+     <i>This archive was generated by
+     Pipermail 0.09 (Mailman edition).</i>
+  </BODY>
+</HTML>
+

squid-dev/index.html

@@ -17,6 +17,18 @@ <h1>The squid-dev Archives </h1>
           <td>Downloadable version</td></tr>
 
 
+	    <tr>
+            <td>March 2026:</td>
+            <td>
+              <A href="2026-March/thread.html">[ Thread ]</a>
+              <A href="2026-March/subject.html">[ Subject ]</a>
+              <A href="2026-March/author.html">[ Author ]</a>
+              <A href="2026-March/date.html">[ Date ]</a>
+            </td>
+            <td><A href="2026-March.txt">[ Text 1 KB ]</a></td>
+            </tr>
+
+
 	    <tr>
             <td>February 2026:</td>
             <td>
@@ -25,7 +37,7 @@ <h1>The squid-dev Archives </h1>
               <A href="2026-February/author.html">[ Author ]</a>
               <A href="2026-February/date.html">[ Date ]</a>
             </td>
-            <td><A href="2026-February.txt">[ Text 3 KB ]</a></td>
+            <td><A href="2026-February.txt.gz">[ Gzip'd Text 1 KB ]</a></td>
             </tr>