This release extends the client certificate features to allow
optional certificate authentication.
The existing DELAYED_AUTH flag would delay the certificate request,
then reject all clients who cannot present a valid certificate
With CONDITIONAL_AUTH Squid will just request and validate SSL
client certificates. Any rejection or use of those certificates
is left to other configuration settings.
* Improved CONNECT tunnel handling
This release contains several small but important changes to how
Squid handles CONNECT tunnels opened with servers. Particularly
in cases of server TCP connection failure and switching between
A lot of annoying on_unsupported_protocol and HTTPS forwarding
behaviour issues with previous releases should be resolved by
All users of Squid-5 are urged to upgrade as soon as possible.
All users of Squid-4 and older are encouraged to plan for upgrade.
See the ChangeLog for the full list of changes in this and earlier