Bug #10146
closed
squid4 obsolete options
100%
Description
got in squid logs on pfSense 2.4.5:
ERROR: Directive 'sslproxy_cipher' is obsolete. ERROR: Directive 'sslproxy_options' is obsolete. ERROR: Directive 'sslproxy_capath' is obsolete.
sslproxy_cipher should be replaced with tls_outgoing_options cipher=
sslproxy_options with tls_outgoing_options options=
sslproxy_capath with tls_outgoing_options capath=
Need to check all new/removed/replaced options in Squid 4:
http://www.squid-cache.org/Versions/v4/RELEASENOTES.html#s3
Updated by Viktor Gurov over 5 years ago
updated options:
sslproxy_capath - Replaced by tls_outgoing_options capath=.
sslproxy_cipher - Replaced by tls_outgoing_options cipher=.
sslproxy_flags - Replaced by tls_outgoing_options flags=.
sslproxy_options - Replaced by tls_outgoing_options options=.
cache_peer
Replaced option ssl with tls. Use of any tls- prefixed options implies tls is enabled.
update in previous PR:
https://github.com/pfsense/FreeBSD-ports/pull/740
Updated by Jim Pingle over 5 years ago
- Status changed from New to Pull Request Review
Updated by Jim Pingle over 5 years ago
- Status changed from Pull Request Review to Feedback
This was merged a few days ago
Updated by Viktor Gurov over 5 years ago
- Status changed from Feedback to Resolved
tested on 2.5.0.a.20200110.1822 with squid-0.4.44_13
works as expected
Updated by Viktor Gurov almost 5 years ago
https://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit#Troubleshooting:
NO_SSLv2 is relevant only for Squid-3.x. SSLv2 support has been completely removed from Squid-4
Updated by Jim Pingle almost 5 years ago
- Status changed from Resolved to Pull Request Review
- Target version deleted (
2.4.5)
Updated by Renato Botelho almost 5 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
- % Done changed from 0 to 100
PR has been merged. Thanks!
Updated by Viktor Gurov almost 5 years ago
- Status changed from Feedback to Resolved
OK - no NO_SSLv2 option in squid pkg 0.4.44_26