]> git.ipfire.org Git - thirdparty/squid.git/commitdiff
Add missing 'tls' option for cache_peer
authorAmos Jeffries <squid3@treenet.co.nz>
Fri, 22 Jul 2016 08:38:30 +0000 (20:38 +1200)
committerAmos Jeffries <squid3@treenet.co.nz>
Fri, 22 Jul 2016 08:38:30 +0000 (20:38 +1200)
doc/release-notes/release-4.sgml
src/cache_cf.cc
src/cf.data.pre

index 25971bb7b297c8eaf60880c333f391556c5df871..167eaf72978fb96b0cf2034ebdb3a1dcbd73cbfd 100644 (file)
@@ -236,6 +236,8 @@ This section gives a thorough account of those changes in three categories:
        <tag>cache_peer</tag>
        <p>New option <em>auth-no-keytab</em> to let GSSAPI implementation determine
           which Kerberos credentials to use, instead of specifying a keytab.
+       <p>Replaced option <em>ssl</em> with <em>tls</em>. Use of any
+          <em>tls-</em> prefixed options implies <em>tls</em> is enabled.
        <p>New option <em>tls-min-version=1.N</em> to set minimum TLS version allowed.
        <p>New option <em>tls-default-ca</em> replaces <em>sslflags=NO_DEFAULT_CA</em>
        <p>New option <em>tls-no-npn</em> to disable sending TLS NPN extension.
@@ -243,7 +245,8 @@ This section gives a thorough account of those changes in three categories:
           have been removed.
        <p>Removed <em>sslversion=</em> option. Use <em>tls-options=</em> instead.
        <p>Manual squid.conf update may be required on upgrade.
-       <p>Replaced <em>sslcafile=</em> with <em>tls-cafile=</em> which takes multiple entries.
+       <p>Replaced option <em>sslcafile=</em> with <em>tls-cafile=</em>
+          which takes multiple entries.
 
        <tag>external_acl_type</tag>
        <p>New parameter <em>queue-size=</em> to set the maximum number
index 2e23180161f5b8aa6e374b56ec7e17e262eb59dd..f82aa9e31ca49c21a8c7bc1c0802587837be9d03 100644 (file)
@@ -2204,6 +2204,8 @@ parse_peer(CachePeer ** head)
 #endif
         } else if (strncmp(token, "tls-", 4) == 0) {
             p->secure.parse(token+4);
+        } else if (strncmp(token, "tls", 3) == 0) {
+            p->secure.parse(token+3);
         } else if (strcmp(token, "front-end-https") == 0) {
             p->front_end_https = 1;
         } else if (strcmp(token, "front-end-https=on") == 0) {
index 26fe3786b0733d13518b15e6533d86d007b6516d..3a43f68983ce0648f616efa4fae74c297bee6c0c 100644 (file)
@@ -3308,7 +3308,7 @@ DOC_START
        
        ==== SSL / HTTPS / TLS OPTIONS ====
        
-       ssl             Encrypt connections to this peer with SSL/TLS.
+       tls             Encrypt connections to this peer with TLS.
        
        sslcert=/path/to/ssl/certificate
                        A client SSL certificate to use when connecting to