On Fri, 11 Feb 2005, Tobias Reckhard wrote:
> I'm not sure I fully understand, is the following right?
>
> 1. Client connects to Squid v3 and requests http://somesite, thinking it's
> the origin server.
or https://somesite, doesn't matter.
if using http Squid v3 can even be contacted as a proxy.
If using https the client need to think the Squid server is the origin
server as the client SSL connection then should be terminated at the
proxy.
> 2. Squid v3 requests https://somesite from a separate CONNECT relaying proxy.
>
> 3. The separate CONNECT relaying proxy tranforms the https://somesite request
> into a CONNECT request and forwards this request to an upstream WWW proxy.
Correct. A simple "plug" type proxy which when it gets a TCP connection
from Squid connects to the HTTP proxy and issues a CONNECT request to the
preconfigured https server.
> 4. The upstream WWW proxy connects to the origin server and passes through
> data across the established tunnel thereby.
>
> Since I currently don't have such a CONNECT relaying proxy, I guess I'm out
> of luck momentarily, huh? ;-) I'll see if a search turns up one.
socat looks reasonable. Kind of an swiss army nife for this kind of
tasks..
Regards
Henrik
Received on Fri Feb 11 2005 - 03:09:36 MST
This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:02 MST