Hello everyone. I'm trying to patch Squid3.1 to disable the client-initiated ssl renegotiation. I read that some users tried to do the same thing: http://www.squid-cache.org/mail-archive/squid-users/201203/0163.html I tried the solution of Amos but I can't make it work. So I tried Squid3.2 and saw that this security issue was fixed on this version. Now I'm trying to use the Squid3.2 sources to backport into Squid3.1. Unfortunately I am not making any progress for now. Does someone can help me? At least give me an idea where I have to look (I didn't see anything about client-initiated renegotiation on ssl/support.* but I'm really not a great developer)... Any help will be really appreciated. Thanks. Regards. NB: Sorry for my English, I know it sucks.
