Log message:
Changes 3.5.6:
* ext_edirectory_userip_acl: fix uninitialized variable
* Do not blindly forward cache peer CONNECT responses.
* Bug 3483: assertion failed store.cc:1866: 'isEmpty()'
* Use relative-URL in errorpage.css for SN.png
* Bug 4193: Memory leak on FTP listings
* Bug 4274: ssl_crtd.8 not being installed
* Fix CONNECT failover to IPv4 after trying broken IPv6 servers
* Bug 4183: segfault when freeing https_port clientca on reconfigure or exit.
* TLS: Disable client-initiated renegotiation
* Translations: add Spanish US dialect alias
* Cleanup: replace __DATE__ and __TIME__ macros
* Fix assertion String.cc:221: "str"
* Fix assertion comm.cc:759: "Comm::IsConnOpen(conn)" in \ 
ConnStateData::getSslContextDone
* Bug 3875: bad mimeLoadIconFile error handling
* Support custom OIDs in *_cert ACLs
* Bug 3329: The server side pinned connection is not closed properly

Log message:
Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.

Log message:
Fix transparent proxying with IPFilter. Patch submitted to squid mailing
list.

Log message:
Changes 3.5.5:
* Portability: migrate auto_ptr to C++11 unique_ptr
* Portability: Define nullptr if not provided
* Cleanup: sync ModSelect.cc and ModSelectWin32.cc
* Fix segmentation fault inside Adaptation::Icap::Xaction::swanSong
* Fix "Not enough space to hold server hello message" error message
* Bug 4132: regression in short_icon_urls with global_internal_static on
* Prevent unused ssl_crtd helpers being run
* Docs: fix debug output on https_port context failure
* HTTP/2: publish RFC 7540
* Fix incorrect use of errno in various libcomm.la places
* Bug 4236: SSL negotiation error of 'success'
* Fix signal.h usage to resolve compiler warning
* Bug 3930: assertion 'connIsUsable(http->getConn())'
* Fix missing external ACL helper notes
* Bug 4238: assertion Read.cc:205: "params.data == data"
* Docs: remove 4.0-only info added by rev.13823
* comm_connect_addr on failures returns Comm:OK
* Docs: shuffle SMP specific options to the top of squid.conf
* CacheMgr: display 'client_db off' instead of 0 clients accessing cache
* Fix assertion errorpage.cc:600: "entry->isEmpty()"
* Fix assertion MemBuf.cc:380: "new_cap > (size_t) capacity" in SSL \ 
I/O buffer

Log message:
Changes 3.5.4:
* Fix X509 server certificate domain matching
* Bug 3775: Disable HTTP/1.1 pipeline feature for pinned connections
* Cleanup: Display correct error code in debugging output for IoCallback::finish
* Cleanup: Fix spelling error in debug message in parseHttpRequest()
* Cleanup: Add whitespace to make debug message in writeComplete() more readable
* Add Kerberos support for MAC OS X 10.x
* Bug 4234: comm_connect_addr uses errno incorrectly
* Fix 'access_log none' to prevent following logs being used
* Unexpected SQUID_X509_V_ERR_DOMAIN_MISMATCH errors while accessing sites with \ 
valid certificates
* Docs: Update CONTRIBUTORS
* Ensure class Lock counter remains within bounds
* Portability: Add hacks to define C++11 explicit N-bit type limits
* Fix SSL_get_peer_certificate memory leak
* Bug 4231 pt2: comm_open_uds does not provide description for newly opened FD
* Bug 4231 pt1: fd_open() not correctly handling empty descriptions
* Negotiate Kerberos authentication request size exceeds output buffer size.
* Do not increment an iterator invalidated by std::map::erase().
* Fix require-proxy-header preventing HTTPS proxying and ssl-bump
* Fix atomics check broken by C++11 #include added in v3.5 branch r13783
* Support for resuming TLS sessions
* Bug 4212: ssl_crtd crashes with corrupt database
* Fix rev.13795 ServerName class
* Add server_name ACL matching server name(s) obtained from various sources
* Bug 4226: digest_edirectory_auth: found but cannot be built
* Invalid request->clientConnectionManager object used by \ 
Ssl::PeerConnector::handleNegotiateError
* Bug 4198: assertion failed: client_side.h:364: "sslServerBump == srvBump"
* Fix cross-compile issues with SSL_get_certificate()
* Docs: RFC 7238 obsoleted by RFC 7538
* Boilerplate: reference Translator copyrights in CREDITS
* Cleanup: Place explicit size on ref-count lock counter
* Cleanup: extend SBuf debugging information
* digest_edirectory_auth: Fix -lnettle dependency error

Log message:
Update squid3 to 3.5.2 (Squid 3.5.3).

Changes to squid-3.5.2 (18 Feb 2015):

	- Regression Bug 4176: Digest auth too many helper lookups
	- Regression Bug 4180: not-fully-initialized data member in ACLUserData
	- Bug 4172: Solaris broken krb5-config
	- Bug 4073: Cygwin compile errors
	- Bug 3919: remove several never-true / never-false comparisons
	- HTTPS: Add missing root CAs when validating chains that passed internal checks
	- Fix some cbdataFree related memory leaks
	- Quieten CBDATA 'leak' messages
	- Set SNI information in transparent bumping mode
	- negotiate_kerberos_auth: fix krb5.conf backward compatibility
	- Fix memory leaks in cachemgr.cgi URL parser
	- Fix sslproxy_options in peek-and-splice mode
	- ... and fix several portability and build issues
	- ... and some documentation updates
	- ... and all fixes from squid 3.4.11

Log message:
libltdl is used.

Log message:
int64_t GNU atomic operations are used, check them instead in configure.

i486 is not sufficient, i686 and/or much newer compiler will be required for
NetBSD-5.*-i386.

Log message:
--with-krb5-config is not in the current version, try to use currently available
other ways instead.

Log message:
Changes 3.5.1:
Support libecap v1.0
Authentication helper query extensions
Support named services
Upgraded squidclient tool
Helper support for concurrency channels
Native FTP Relay
Receive PROXY protocol, Versions 1 & 2
Basic authentication MSNT helper changes