From: Amos Jeffries <squid3@treenet.co.nz>
Date: Fri, 10 Jul 2015 12:59:48 +0000 (-0700)
Subject: Revert tls_outgoing_options default 'options=NO_SSLv3'
X-Git-Tag: merge-candidate-3-v1~38^2~21^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2fbb02b13607615621acc006a4b0d06669520f44;p=thirdparty%2Fsquid.git

Revert tls_outgoing_options default 'options=NO_SSLv3'
---

diff --git a/src/cf.data.pre b/src/cf.data.pre
index fc4a21cf6d..ecb9b735aa 100644
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -2591,7 +2591,7 @@ COMMENT_END
 NAME: tls_outgoing_options
 IFDEF: USE_GNUTLS||USE_OPENSSL
 TYPE: securePeerOptions
-DEFAULT: min-version=1.0 options=NO_SSLv3
+DEFAULT: min-version=1.0
 LOC: Security::ProxyOutgoingConfig
 DOC_START
 	disable		Do not support https:// URLs.
@@ -2607,8 +2607,8 @@ DOC_START
 	cipher=...	The list of valid TLS ciphers to use.
 
 	min-version=1.N
-			The minimum TLS protocol version to permit. To control
-			SSLv3 use the options= parameter.
+			The minimum TLS protocol version to permit.
+			To control SSLv3 use the options= parameter.
 			Supported Values: 1.0 (default), 1.1, 1.2
 
 	options=... 	Specify various TLS/SSL implementation options: