From c28b9a0e301673c62d922f93c49bb802e49d79a3 Mon Sep 17 00:00:00 2001
From: Amos Jeffries <squid3@treenet.co.nz>
Date: Thu, 8 Oct 2015 19:41:04 -0700
Subject: [PATCH] Docs: release notes updates

---
 doc/release-notes/release-4.sgml |  6 ++++
 src/cf.data.pre                  | 47 ++++++++++++++++----------------
 2 files changed, 29 insertions(+), 24 deletions(-)

diff --git a/doc/release-notes/release-4.sgml b/doc/release-notes/release-4.sgml
index fe3bc32d07..9cb1d1f1d9 100644
--- a/doc/release-notes/release-4.sgml
+++ b/doc/release-notes/release-4.sgml
@@ -222,6 +222,12 @@ This section gives a thorough account of those changes in three categories:
 	   server certificate.
 	<p>New <em>tls-domain=</em> option to verify the server certificate domain.
 
+	<tag>logformat</tag>
+	<p>New code <em>%ssl::&lt;cert_errors</em> to display server certificate errors.
+
+	<tag>pid_filename</tag>
+	<p>Default value now based on squid -n command line parameter.
+
 	<tag>refresh_pattern</tag>
 	<p>Removed <em>ignore-auth</em>. Its commonly desired behaviour is
 	   performed by default with correct HTTP/1.1 revalidation.
diff --git a/src/cf.data.pre b/src/cf.data.pre
index e9944786e1..537b6f115b 100644
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -4218,7 +4218,6 @@ DOC_START
 				Squid, although most fields are often preserved.
 				Optional header name argument as for >h
 
-
 	    RESPONSE
 
 		[http::]<Hs	HTTP status code received from the next hop
@@ -4249,7 +4248,6 @@ DOC_START
 				Generated FTP/Gopher listings are treated as
 				received bodies.
 
-
 	    TIMING
 
 		[http::]<pt	Peer response time in milliseconds. The timer starts
@@ -4287,6 +4285,28 @@ DOC_START
 				after the peek, stare, or splice SSL bumping
 				actions.
 
+		ssl::>cert_subject
+				The Subject field of the received client
+				SSL certificate or a dash ('-') if Squid has
+				received an invalid/malformed certificate or
+				no certificate at all. Consider encoding the
+				logged value because Subject often has spaces.
+
+		ssl::>cert_issuer
+				The Issuer field of the received client
+				SSL certificate or a dash ('-') if Squid has
+				received an invalid/malformed certificate or
+				no certificate at all. Consider encoding the
+				logged value because Issuer often has spaces.
+
+		ssl::<cert_errors
+				The list of certificate validation errors
+				detected by Squid (including OpenSSL and
+				certificate validation helper components). The
+				errors are listed in the discovery order. By
+				default, the error codes are separated by ':'.
+				Accepts an optional separator argument.
+
 	If ICAP is enabled, the following code becomes available (as
 	well as ICAP log codes documented with the icap_log option):
 
@@ -4295,7 +4315,7 @@ DOC_START
 				ACLs are checked and when ICAP
 				transaction is in progress.
 
-	If adaptation is enabled the following three codes become available:
+	If adaptation is enabled the following codes become available:
 
 		adapt::<last_h	The header of the last ICAP response or
 				meta-information from the last eCAP
@@ -4325,27 +4345,6 @@ DOC_START
 	service name in curly braces to record response time(s) specific
 	to that service. For example: %{my_service}adapt::sum_trs
 
-	If SSL is enabled, the following formating codes become available:
-
-		%ssl::>cert_subject The Subject field of the received client
-				SSL certificate or a dash ('-') if Squid has
-				received an invalid/malformed certificate or
-				no certificate at all. Consider encoding the
-				logged value because Subject often has spaces.
-
-		%ssl::>cert_issuer The Issuer field of the received client
-				SSL certificate or a dash ('-') if Squid has
-				received an invalid/malformed certificate or
-				no certificate at all. Consider encoding the
-				logged value because Issuer often has spaces.
-
-		%ssl::<cert_errors The list of certificate validation errors
-				detected by Squid (including OpenSSL and
-				certificate validation helper components). The
-				errors are listed in the discovery order. By
-				default, the error codes are separated by ':'.
-				Accepts an optional separator argument.
-
 	The default formats available (which do not need re-defining) are:
 
 logformat squid      %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %[un %Sh/%<a %mt
-- 
2.47.3