Set SSL_OP_LEGACY_SERVER_CONNECT when peeking at servers (#2354)

somecookie · kinkie · commit f7067b25aa27 · 2026-01-17T11:32:01.000Z
Our TLS Server Hello parser does not treat legacy servers specially, but
enabling legacy server support in OpenSSL allows OpenSSL to advance
enough in its Server Hello processing to provide our SslBump code with
the server certificate (that we then validate). Successful certificate
validation, in turn, may result in Squid splicing the connection, even
if OpenSSL detected other errors:

    noteNegotiationError: hold TLS write on FD 15 despite
    SQUID_TLS_ERR_CONNECT+TLS_LIB_ERR=2000068+TLS_IO_ERR=1

A spliced connection allows the TLS client to handle a legacy server the
way the client needs to handle it, without unwanted Squid meddling.

This is a Measurement Factory project.
diff --git a/CONTRIBUTORS b/CONTRIBUTORS
@@ -440,6 +440,7 @@ Thank you!
     Reinhard Sojka <reinhard.sojka@parlament.gv.at>
     Rene Geile <rene.geile@t-online.de>
     Reuben Farrelly <reuben@reub.net>
+    Ricardo Ferreira Ribeiro <garb12@pm.me>
     Richard Huveneers <Richard.Huveneers@hekkihek.hacom.nl>
     Richard Huveneers <richard@hekkihek.hacom.nl>
     Richard Sharpe
diff --git a/src/ssl/PeekingPeerConnector.cc b/src/ssl/PeekingPeerConnector.cc
@@ -18,6 +18,7 @@
 #include "security/ErrorDetail.h"
 #include "security/NegotiationHistory.h"
 #include "SquidConfig.h"
+#include "src/base/IoManip.h"
 #include "ssl/bio.h"
 #include "ssl/PeekingPeerConnector.h"
 #include "ssl/ServerBump.h"
@@ -196,6 +197,22 @@ Ssl::PeekingPeerConnector::initialize(Security::SessionPointer &serverSession)
             srvBio->setClientFeatures(details, cltBio->rBufData());
             srvBio->recordInput(true);
             srvBio->mode(csd->sslBumpMode);
+
+#if defined(SSL_OP_LEGACY_SERVER_CONNECT)
+            // While peeking, Squid is not generating any TLS bytes, but we are
+            // still being driven by OpenSSL negotiation logic. We enable as
+            // many features and workarounds as possible to reduce cases where
+            // OpenSSL refuses to accept a valid TLS server response. This code
+            // assumes that an admin should not expect a peeking Squid to
+            // automatically enforce a particular set of TLS conditions (e.g.,
+            // "no legacy TLS servers"). When that assumption is invalidated, we
+            // will need to add a configuration directive to set peeking TLS
+            // options.
+            if (csd->sslBumpMode == Ssl::bumpPeek && SSL_OP_LEGACY_SERVER_CONNECT) {
+                const auto adjustedOptions = SSL_set_options(serverSession.get(), SSL_OP_LEGACY_SERVER_CONNECT);
+                debugs(83, 5, "post-SSL_OP_LEGACY_SERVER_CONNECT options for session=" << serverSession << ": " << asHex(adjustedOptions));
+            }
+#endif
         } else {
             const bool redirected = request->flags.redirected && ::Config.onoff.redir_rewrites_host;
             const char *sniServer = (!hostName || redirected) ?

-Original file line number
+Diff line change
     Reinhard Sojka <[email protected]>
     Rene Geile <[email protected]>
     Reuben Farrelly <[email protected]>
 +    Ricardo Ferreira Ribeiro <[email protected]>
     Richard Huveneers <[email protected]>
     Richard Huveneers <[email protected]>
     Richard Sharpe