[squid-dev] OpenSSL 1.1 support
Amos Jeffries
squid3 at treenet.co.nz
Tue Dec 19 11:49:33 UTC 2017
On 19/12/17 22:04, Adam Majer wrote:
> On 12/18/2017 06:17 PM, Amos Jeffries wrote:
>> On 19/12/17 04:48, Adam Majer wrote:
>>> Hi,
>>>
>>> Is there a plan of supporting OpenSSL 1.1 in squid 3.5.x branch?
>>>
>>
>> Not currently. Some of the config changes the library imposes may be a
>> bit surprising for a stable release.
>>
>>
>> If you are self-building to get SSL-Bump support I recommend trying to
>> use Squid-4 anyway. It should be stable enough for most installations
>> and has better SSL-Bump and related behaviours.
>
> Actually, the reason I'm asking is OpenSUSE Tumbleweed has migrated away
> from OpenSSL 1.0 to 1.1. Is there a current timeline when 4.x branch
> will become stable?
6-12 months ago was the plan. :-(
>
> Is there a list of tasks that need to be fixed for 4.x branch to be
> considered stable?
<https://wiki.squid-cache.org/ReleaseProcess#General_Release_Process_Guidelines>
We are currently stuck at #3 in that process with a few major bugs
preventing reaching #4.
(<https://bugs.squid-cache.org/query.cgi?bug_severity=blocker&bug_severity=critical&bug_severity=major&bug_status=UNCONFIRMED&bug_status=MOREINFO&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&component=Documentation&component=helpers%3A%20auth_param&component=helpers%3A%20external_acl_type&component=helpers%3A%20log_daemon&component=helpers%3A%20Security&component=helpers%3A%20storeid_rewrite&component=helpers%3A%20url_rewrite&component=New%20Feature%20Request&component=other&component=other%3A%20Content%20Adaptation&component=other%3A%20Edge%20Side%20Includes%20%28ESI%29&component=other%3A%20SMP%20awareness&component=other%3A%20SSL-Bump&component=Test%20Suite&component=tools%3A%20cachemgr.cgi&component=tools%3A%20purge&component=tools%3A%20squidclient&product=Squid&query_format=advanced&version=4&known_name=Major%204.x>)
Some of those already have workarounds in v4 and so are planned to
ignore for purposes of declaring stability. But a full fix for any of
them (and any other bug) is of course very welcome.
Next release on my calendar is ~6th January. So re-evaluation of all the
pieces will be happening across the week prior.
Amos
More information about the squid-dev
mailing list