|
|
|
@ -105,6 +105,7 @@ static int config_insert(server *srv) {
|
|
|
|
|
{ "ssl.use-sslv3", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 62 */
|
|
|
|
|
{ "ssl.dh-file", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 63 */
|
|
|
|
|
{ "ssl.ec-curve", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 64 */
|
|
|
|
|
{ "ssl.disable-client-renegotiation", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER },/* 65 */
|
|
|
|
|
|
|
|
|
|
{ "server.host", "use server.bind instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
|
|
|
|
|
{ "server.docroot", "use server.document-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
|
|
|
|
@ -199,6 +200,7 @@ static int config_insert(server *srv) {
|
|
|
|
|
s->ssl_verifyclient_username = buffer_init();
|
|
|
|
|
s->ssl_verifyclient_depth = 9;
|
|
|
|
|
s->ssl_verifyclient_export_cert = 0;
|
|
|
|
|
s->ssl_disable_client_renegotiation = 1;
|
|
|
|
|
|
|
|
|
|
cv[2].destination = s->errorfile_prefix;
|
|
|
|
|
|
|
|
|
@ -245,6 +247,7 @@ static int config_insert(server *srv) {
|
|
|
|
|
cv[62].destination = &(s->ssl_use_sslv3);
|
|
|
|
|
cv[63].destination = s->ssl_dh_file;
|
|
|
|
|
cv[64].destination = s->ssl_ec_curve;
|
|
|
|
|
|
|
|
|
|
cv[49].destination = &(s->etag_use_inode);
|
|
|
|
|
cv[50].destination = &(s->etag_use_mtime);
|
|
|
|
|
cv[51].destination = &(s->etag_use_size);
|
|
|
|
@ -255,6 +258,7 @@ static int config_insert(server *srv) {
|
|
|
|
|
cv[58].destination = &(s->ssl_verifyclient_depth);
|
|
|
|
|
cv[59].destination = s->ssl_verifyclient_username;
|
|
|
|
|
cv[60].destination = &(s->ssl_verifyclient_export_cert);
|
|
|
|
|
cv[65].destination = &(s->ssl_disable_client_renegotiation);
|
|
|
|
|
|
|
|
|
|
srv->config_storage[i] = s;
|
|
|
|
|
|
|
|
|
@ -346,6 +350,7 @@ int config_setup_connection(server *srv, connection *con) {
|
|
|
|
|
PATCH(ssl_verifyclient_depth);
|
|
|
|
|
PATCH(ssl_verifyclient_username);
|
|
|
|
|
PATCH(ssl_verifyclient_export_cert);
|
|
|
|
|
PATCH(ssl_disable_client_renegotiation);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
@ -454,6 +459,8 @@ int config_patch_connection(server *srv, connection *con, comp_key_t comp) {
|
|
|
|
|
PATCH(ssl_verifyclient_username);
|
|
|
|
|
} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.exportcert"))) {
|
|
|
|
|
PATCH(ssl_verifyclient_export_cert);
|
|
|
|
|
} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.disable-client-renegotiation"))) {
|
|
|
|
|
PATCH(ssl_disable_client_renegotiation);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|