git.ipfire.org Git - thirdparty/squid.git/commit

author	Amos Jeffries <squid3@treenet.co.nz>
	Mon, 10 Nov 2014 07:47:13 +0000 (23:47 -0800)
committer	Amos Jeffries <squid3@treenet.co.nz>
	Mon, 10 Nov 2014 07:47:13 +0000 (23:47 -0800)
commit	47901e848f83cec92340bfc25df48ddc51326f3a
tree	aa9dc826573481fcd3382c27fb057fccd7dcd4fe	tree \| snapshot
parent	e44a3ec43b9121515d4660aecf7fc5aa5011c15a	commit \| diff

RFC 6176 compliance

... prohibits use of SSLv2.
https://tools.ietf.org/html/rfc6176

Remove the documentation and support for configuring Squid with
SSLv2-only.

Explicitly enable the SSL_NO_SSLv2 option when provided by the library
to prevent implicit fallback.

Remove support for ssloptions= values which are for SSLv2-specific bugs.

Due to the way they are implemented with atoi() sslversion=N
configuration will still accept the values for SSLv2-only. But the
context creation will now unconditionally produce "SSLv2 not
supported" errors if the now undocumented values are attempted.

src/cf.data.pre		diff \| blob \| blame \| history
src/ssl/support.cc		diff \| blob \| blame \| history