|
|
|
@ -105,6 +105,7 @@ static int config_insert(server *srv) {
|
|
|
|
|
{ "ssl.use-sslv3", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 62 */ |
|
|
|
|
{ "ssl.dh-file", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 63 */ |
|
|
|
|
{ "ssl.ec-curve", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 64 */ |
|
|
|
|
{ "ssl.disable-client-renegotiation", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER },/* 65 */ |
|
|
|
|
|
|
|
|
|
{ "server.host", "use server.bind instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET }, |
|
|
|
|
{ "server.docroot", "use server.document-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET }, |
|
|
|
@ -199,6 +200,7 @@ static int config_insert(server *srv) {
|
|
|
|
|
s->ssl_verifyclient_username = buffer_init(); |
|
|
|
|
s->ssl_verifyclient_depth = 9; |
|
|
|
|
s->ssl_verifyclient_export_cert = 0; |
|
|
|
|
s->ssl_disable_client_renegotiation = 1; |
|
|
|
|
|
|
|
|
|
cv[2].destination = s->errorfile_prefix; |
|
|
|
|
|
|
|
|
@ -245,6 +247,7 @@ static int config_insert(server *srv) {
|
|
|
|
|
cv[62].destination = &(s->ssl_use_sslv3); |
|
|
|
|
cv[63].destination = s->ssl_dh_file; |
|
|
|
|
cv[64].destination = s->ssl_ec_curve; |
|
|
|
|
|
|
|
|
|
cv[49].destination = &(s->etag_use_inode); |
|
|
|
|
cv[50].destination = &(s->etag_use_mtime); |
|
|
|
|
cv[51].destination = &(s->etag_use_size); |
|
|
|
@ -255,6 +258,7 @@ static int config_insert(server *srv) {
|
|
|
|
|
cv[58].destination = &(s->ssl_verifyclient_depth); |
|
|
|
|
cv[59].destination = s->ssl_verifyclient_username; |
|
|
|
|
cv[60].destination = &(s->ssl_verifyclient_export_cert); |
|
|
|
|
cv[65].destination = &(s->ssl_disable_client_renegotiation); |
|
|
|
|
|
|
|
|
|
srv->config_storage[i] = s; |
|
|
|
|
|
|
|
|
@ -346,6 +350,7 @@ int config_setup_connection(server *srv, connection *con) {
|
|
|
|
|
PATCH(ssl_verifyclient_depth); |
|
|
|
|
PATCH(ssl_verifyclient_username); |
|
|
|
|
PATCH(ssl_verifyclient_export_cert); |
|
|
|
|
PATCH(ssl_disable_client_renegotiation); |
|
|
|
|
|
|
|
|
|
return 0; |
|
|
|
|
} |
|
|
|
@ -454,6 +459,8 @@ int config_patch_connection(server *srv, connection *con, comp_key_t comp) {
|
|
|
|
|
PATCH(ssl_verifyclient_username); |
|
|
|
|
} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.exportcert"))) { |
|
|
|
|
PATCH(ssl_verifyclient_export_cert); |
|
|
|
|
} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.disable-client-renegotiation"))) { |
|
|
|
|
PATCH(ssl_disable_client_renegotiation); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|