From: Amos Jeffries <squid3@treenet.co.nz>
Date: Wed, 20 Apr 2016 11:56:48 +0000 (+1200)
Subject: Bug 4495: Unknown SSL option SSL_OP_NO_TICKET
X-Git-Tag: SQUID_3_5_17~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aa422b222735d9f5a30f87d483abe3a7fa6550ca;p=thirdparty%2Fsquid.git

Bug 4495: Unknown SSL option SSL_OP_NO_TICKET
---

diff --git a/src/cf.data.pre b/src/cf.data.pre
index 3bb232379a..adbd006318 100644
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -2537,13 +2537,16 @@ DOC_START
 	    NO_TLSv1    Disallow the use of TLSv1.0
 	    NO_TLSv1_1  Disallow the use of TLSv1.1
 	    NO_TLSv1_2  Disallow the use of TLSv1.2
+
 	    SINGLE_DH_USE
 		      Always create a new key when using temporary/ephemeral
 		      DH key exchanges
-	    SSL_OP_NO_TICKET
+
+	    NO_TICKET
 		      Disable use of RFC5077 session tickets. Some servers
 		      may have problems understanding the TLS extension due
 		      to ambiguous specification in RFC4507.
+
 	    ALL       Enable various bug workarounds suggested as "harmless"
 		      by OpenSSL. Be warned that this may reduce SSL/TLS
 		      strength to some attacks.
@@ -3273,9 +3276,16 @@ DOC_START
 			    NO_TLSv1    Disallow the use of TLSv1.0
 			    NO_TLSv1_1  Disallow the use of TLSv1.1
 			    NO_TLSv1_2  Disallow the use of TLSv1.2
+
 			    SINGLE_DH_USE
 				      Always create a new key when using
 				      temporary/ephemeral DH key exchanges
+
+			    NO_TICKET
+				      Disable use of RFC5077 session tickets. Some servers
+				      may have problems understanding the TLS extension due
+				      to ambiguous specification in RFC4507.
+
 			    ALL       Enable various bug workarounds
 				      suggested as "harmless" by OpenSSL
 				      Be warned that this reduces SSL/TLS