[squid-users] squid + auth + safari + SSL = TCP_DENIED/407

From: Gavin McCullagh <gavin.mccullagh_at_gcd.ie>
Date: Thu, 30 Apr 2009 17:11:28 +0100

Hi,

one of our Mac people has been complaining that he can't get into certain
SSL sites. I borrowed a MAC and found that these does indeed seem to be a
problem, though apparently not on all SSL sites (a login on www.bebo.com)
is an example that does give the problem. I'm not sure of this but it
looks like it might be where there's a POST request over SSL.

I noticed this:

http://www2.tr.squid-cache.org/mail-archive/squid-users/200709/0109.html

so I tried turning off authentication and it worked.

I'm using squid-2.6-stable18 which I'm well aware is old. Is this a bug in
squid or safari or is this known for sure? Does anyone know if an upgrade
to squid would sort it out?

If not, I may have to put in an ACL either to allow:

 - all macs to be unauthenticated
 - all SSL to be unauthenticated
 - all requests with safari browser strings using SSL to be unauthenticated

or something like that. Has anyone had to do this? Is there a known "best
way"?

Thanks in advance,
Gavin
Received on Thu Apr 30 2009 - 16:11:32 MDT

This archive was generated by hypermail 2.2.0 : Fri May 01 2009 - 12:00:02 MDT