I have create a patch to add openssl modifying options not include
diff -Naur squid-3.4.1/src/ssl/support.cc squid-3.4.1-
patched/src/ssl/support.cc
--- squid-3.4.1/src/ssl/support.cc 2013-
12-09 02:20:54.000000000 +0100
+++ squid-3.4.1-patched/src/ssl/support.
cc 2014-03-20 15:58:05.200506356 +0100
@@ -488,6 +488,21 @@
"No_Compression", SSL_OP_NO_COMPRESSION
},
#endif
+#if
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+ {
+
"ALLOW_UNSAFE_LEGACY_RENEGOTIATION",
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+ },
+#endif
+#if
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
+ {
+
"NO_SESSION_RESUMPTION_ON_RENEGOTIATION",
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
+ },
+#endif
+#if
SSL_OP_LEGACY_SERVER_CONNECT
+ {
+ "LEGACY_SERVER_CONNECT",
SSL_OP_LEGACY_SERVER_CONNECT
+ },
+#endif
{
"", 0
},
but when I'm using that on
https_port ....options
or
sslproxy_options
they are not considered. Any idea?
Thank you
Received on Mon Mar 24 2014 - 11:17:53 MDT
This archive was generated by hypermail 2.2.0 : Mon Mar 24 2014 - 12:00:05 MDT