------------------------------------------------------------ revno: 13212 revision-id: squid3@treenet.co.nz-20150124050758-iynm037xhk6k8kx0 parent: squid3@treenet.co.nz-20150119164241-7q1rhjwxjygeq2zf author: Christos Tsantilas committer: Amos Jeffries branch nick: 3.4 timestamp: Fri 2015-01-23 21:07:58 -0800 message: Add TLS/SSL option NO_TICKET to http[s]_port If this option is set the TLS ticket extension disabled. When TLS ticket extension is disabled squid is still able to use SSL shared sessions if this feature is not disabled. This is a Measurement Factory project ------------------------------------------------------------ # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: squid3@treenet.co.nz-20150124050758-iynm037xhk6k8kx0 # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 # testament_sha1: 3c371142a0050f8d6337b93de770063175242ef7 # timestamp: 2015-01-24 05:14:32 +0000 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 # base_revision_id: squid3@treenet.co.nz-20150119164241-\ # 7q1rhjwxjygeq2zf # # Begin patch === modified file 'src/cf.data.pre' --- src/cf.data.pre 2014-12-03 11:56:40 +0000 +++ src/cf.data.pre 2015-01-24 05:07:58 +0000 @@ -1734,6 +1734,7 @@ NO_TLSv1_2 Disallow the use of TLSv1.2 SINGLE_DH_USE Always create a new key when using temporary/ephemeral DH key exchanges + NO_TICKET Disables TLS tickets extension ALL Enable various bug workarounds suggested as "harmless" by OpenSSL Be warned that this reduces SSL/TLS === modified file 'src/ssl/support.cc' --- src/ssl/support.cc 2014-06-03 07:12:54 +0000 +++ src/ssl/support.cc 2015-01-24 05:07:58 +0000 @@ -488,6 +488,11 @@ "No_Compression", SSL_OP_NO_COMPRESSION }, #endif +#if SSL_OP_NO_TICKET + { + "NO_TICKET", SSL_OP_NO_TICKET + }, +#endif { "", 0 },
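Review bot: The guard `#if SSL_OP_NO_TICKET` added to the option table in src/ssl/support.cc makes the preprocessor evaluate the macro's value rather than test that it exists. That compiles only while the TLS library defines the flag as a bare integer literal, and a definition that contains a cast or a typed helper macro would break the build; `#if defined(SSL_OP_NO_TICKET)` avoids this. When the macro is absent the name is never registered, so an `options=NO_TICKET` setting should be rejected at startup rather than leave tickets enabled. How the parser treats an unknown name is not visible in this hunk, so that is worth confirming. The table starts and ends outside the hunk, and the neighbouring entries (only their `#endif` is visible) may use the same guard form and need the same change.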