<!doctype linuxdoc system>
<article>
-<title>Squid 3.3.0.1 release notes</title>
+<title>Squid 3.3.14 release notes</title>
<author>Squid Developers</author>
<abstract>
<sect>Notice
<p>
-The Squid Team are pleased to announce the release of Squid-3.3.0.1 for testing.
+The Squid Team are pleased to announce the release of Squid-3.3.14.
-This new release is available for download from <url url="http://www.squid-cache.org/Versions/v3/3.3/"> or the <url url="http://www.squid-cache.org/Mirrors/http-mirrors.html" name="mirrors">.
+This new release is available for download from <url url="http://www.squid-cache.org/Versions/v3/3.3/"> or the
+<url url="http://www.squid-cache.org/Download/http-mirrors.html" name="mirrors">.
-While this release is not deemed ready for production use, we believe it is ready for wider testing by the community.
+<p>A large number of the design flaws in SSL-Bump feature have been fixed along with general improvements all around.
+While this release is not fully bug-free we believe it is ready for use in production on many systems.
-We welcome feedback and bug reports. If you find a bug, please see <url url="http://wiki.squid-cache.org/SquidFaq/TroubleShooting#head-7067fc0034ce967e67911becaabb8c95a34d576d"> for how to submit a report with a stack trace.
+<p>We welcome feedback and bug reports. If you find a bug, please see <url url="http://wiki.squid-cache.org/SquidFaq/BugReporting">
+ for how to submit a report with a stack trace.
<sect1>Known issues
<p>
-Although this release is deemed good enough for use in many setups, please note the existence of <url url="http://www.squid-cache.org/bugs/buglist.cgi?query_format=advanced&short_desc_type=allwordssubstr&short_desc=&target_milestone=3.3&long_desc_type=allwordssubstr&long_desc=&bug_file_loc_type=allwordssubstr&bug_file_loc=&status_whiteboard_type=allwordssubstr&status_whiteboard=&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&emailtype1=substring&email1=&emailtype2=substring&email2=&bugidtype=include&bug_id=&votes=&chfieldfrom=&chfieldto=Now&chfieldvalue=&cmdtype=doit&order=bugs.bug_severity&field0-0-0=noop&type0-0-0=noop&value0-0-0=" name="open bugs against Squid-3.3">.
+Although this release is deemed good enough for use in many setups, please note the existence of
+<url url="http://bugs.squid-cache.org/buglist.cgi?query_format=advanced&product=Squid&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&version=3.3" name="open bugs against Squid-3.3">.
+
<sect1>Changes since earlier releases of Squid-3.3
<p>
<sect1>New tags<label id="newtags">
<p>
<descrip>
+ <tag>cache_miss_revalidate</tag>
+ <p>Whether Squid is to pass-through If-Modified-Since and If-None-Match headers on cache MISS.
+ Revalidation requests can prevent cache gathering objects to HIT on.
+ <p>Based on the Squid-2.7 <em>ignore_ims_on_miss</em> feature.
+ <p><em>IMPORTANT:</em> the meaning for on/off values has changed along with the name since 2.7.
+
<tag>request_header_add</tag>
<p>New directive to add custom headers on HTTP traffic sent to upstream servers.
<tag>sslproxy_cert_adapt</tag>
<p>New option to adapt certain properties of outgoing SSL certificates generated for use when bumping SSL to an upstream server.
-
</descrip>
<sect1>Changes to existing tags<label id="modifiedtags">
<p>
<descrip>
<tag>acl</tag>
- <p><em>myport</em> and <em>myip</em>ACL types replaced with <em>localport</em> and <em>localip</em> respecitively.
+ <p><em>myport</em> and <em>myip</em>ACL types replaced with <em>localport</em> and <em>localip</em> respectively.
To reflect that it matches the TCP connection details and not the squid.conf port.
- This matters when dealing with interecepted traffic, where the Squid receiving port differs from the TCP connection IP:port.
+ This matters when dealing with intercepted traffic, where the Squid receiving port differs from the TCP connection IP:port.
Always use <em>myportname</em> type to match the squid.conf port details.
<p>New default built-in ACLs for testing SSL certificate properties.
<p><em>ssl::certHasExpired</em>,
<em>ssl::certUntrusted</em>,
<em>ssl::certSelfSigned</em>.
+ <tag>client_netmask</tag>
+ <p>IP address 127.0.0.1 (localhost IPv4) is no longer masked.
+
+ <tag>external_acl_type</tag>
+ <p><em>%ACL</em> format tag ported from 2.6.
+ Sends the name of ACL being tested to the external helper.
+ <p><em>%DATA</em> format tag ported from 2.6.
+ Inserts the ACL arguments into a particular location of the helper input instead of at the end of the line.
+
<tag>logformat</tag>
<p>New token <em>%ssl::bump_mode</em> to log the SSL-bump mode type performed on a request.
Logs values of: <em>-</em>, <em>none</em>, <em>client-first</em>, or <em>server-first</em>.
- <p>New token of <em>%ssl::>cert_subject</em> to log the Subject field of a SSL certficate received from the client.
- <p>New token of <em>%ssl::>cert_issuer</em> to log the Issuer field of a SSL certficate received from the client.
+ <p>New token of <em>%ssl::>cert_subject</em> to log the Subject field of a SSL certificate received from the client.
+ <p>New token of <em>%ssl::>cert_issuer</em> to log the Issuer field of a SSL certificate received from the client.
<tag>ssl_bump</tag>
<p>New action types <em>none</em>, <em>client-first</em>, <em>server-first</em>. The default is <em>none</em>.
<sect1>Removed tags<label id="removedtags">
<p>
<descrip>
- <p><em>There are no removed squid.conf tags in Squid-3.3.</em>
+ <tag>ignore_ims_on_miss</tag>
+ <p>This option has been replaced by the <em>cache_miss_revalidate</em> feature.
</descrip>
<sect1>Changes to existing options<label id="modifiedoptions">
<p>
<descrip>
- <p><em>There are no changed ./configure options in Squid-3.3.</em>
+ <tag>--enable-kqueue</tag>
+ <p>kqueue network I/O module is now built by default when it is available.
+ This option is no longer required to enable kqueue support,
+ but if used will abort build when kqueue dependencies are missing or broken.
+
+ <tag>--disable-kqueue</tag>
+ <p>kqueue network I/O module is now built by default when it is available.
+ This configure option is now needed to disable it. Previously it did nothing.
</descrip>
</p>
<tag>error_map</tag>
<p>Not yet ported from 2.6
- <tag>external_acl_type</tag>
- <p><em>%ACL</em> format tag not yet ported from 2.6
- <p><em>%DATA</em> format tag not yet ported from 2.6
-
<tag>external_refresh_check</tag>
<p>Not yet ported from 2.7
- <tag>http_port</tag>
- <p><em>act-as-origin</em> not yet ported from 2.7
-
- <tag>ignore_ims_on_miss</tag>
- <p>Not yet ported from 2.7
-
<tag>location_rewrite_access</tag>
<p>Not yet ported from 2.6
<tag>storeurl_rewrite_program</tag>
<p>Not yet ported from 2.7
- <tag>update_headers</tag>
- <p>Not yet ported from 2.7
-
</descrip>
+<sect>Copyright
+<p>
+Copyright (C) 1996-2021 The Squid Software Foundation and contributors
+<p>
+Squid software is distributed under GPLv2+ license and includes
+contributions from numerous individuals and organizations.
+Please see the COPYING and CONTRIBUTORS files for details.
+
</article>