@ -107,6 +107,7 @@ static int config_insert(server *srv) {
{ " ssl.ec-curve " , NULL , T_CONFIG_STRING , T_CONFIG_SCOPE_SERVER } , /* 64 */
{ " ssl.disable-client-renegotiation " , NULL , T_CONFIG_BOOLEAN , T_CONFIG_SCOPE_SERVER } , /* 65 */
{ " ssl.honor-cipher-order " , NULL , T_CONFIG_BOOLEAN , T_CONFIG_SCOPE_SERVER } , /* 66 */
{ " ssl.empty-fragments " , NULL , T_CONFIG_BOOLEAN , T_CONFIG_SCOPE_SERVER } , /* 67 */
{ " server.host " , " use server.bind instead " , T_CONFIG_DEPRECATED , T_CONFIG_SCOPE_UNSET } ,
{ " server.docroot " , " use server.document-root instead " , T_CONFIG_DEPRECATED , T_CONFIG_SCOPE_UNSET } ,
@ -179,6 +180,7 @@ static int config_insert(server *srv) {
s - > use_xattr = 0 ;
s - > ssl_enabled = 0 ;
s - > ssl_honor_cipher_order = 1 ;
s - > ssl_empty_fragments = 0 ;
s - > ssl_use_sslv2 = 0 ;
s - > ssl_use_sslv3 = 1 ;
s - > use_ipv6 = 0 ;
@ -250,6 +252,7 @@ static int config_insert(server *srv) {
cv [ 63 ] . destination = s - > ssl_dh_file ;
cv [ 64 ] . destination = s - > ssl_ec_curve ;
cv [ 66 ] . destination = & ( s - > ssl_honor_cipher_order ) ;
cv [ 67 ] . destination = & ( s - > ssl_empty_fragments ) ;
cv [ 49 ] . destination = & ( s - > etag_use_inode ) ;
cv [ 50 ] . destination = & ( s - > etag_use_mtime ) ;
@ -343,6 +346,7 @@ int config_setup_connection(server *srv, connection *con) {
PATCH ( ssl_dh_file ) ;
PATCH ( ssl_ec_curve ) ;
PATCH ( ssl_honor_cipher_order ) ;
PATCH ( ssl_empty_fragments ) ;
PATCH ( ssl_use_sslv2 ) ;
PATCH ( ssl_use_sslv3 ) ;
PATCH ( etag_use_inode ) ;
@ -411,6 +415,8 @@ int config_patch_connection(server *srv, connection *con, comp_key_t comp) {
PATCH ( ssl_ca_file ) ;
} else if ( buffer_is_equal_string ( du - > key , CONST_STR_LEN ( " ssl.honor-cipher-order " ) ) ) {
PATCH ( ssl_honor_cipher_order ) ;
} else if ( buffer_is_equal_string ( du - > key , CONST_STR_LEN ( " ssl.empty-fragments " ) ) ) {
PATCH ( ssl_empty_fragments ) ;
} else if ( buffer_is_equal_string ( du - > key , CONST_STR_LEN ( " ssl.use-sslv2 " ) ) ) {
PATCH ( ssl_use_sslv2 ) ;
} else if ( buffer_is_equal_string ( du - > key , CONST_STR_LEN ( " ssl.use-sslv3 " ) ) ) {