diff options
| author | Arno Töll <arno@debian.org> | 2012-11-21 23:03:54 +0100 |
|---|---|---|
| committer | Arno Töll <arno@debian.org> | 2012-11-21 23:03:54 +0100 |
| commit | 6b6dce9b02fdb1b840047562ad19f2c28080b46a (patch) | |
| tree | cb8ce10661527fcd0c69652c39bdf883d26f7555 /src/configfile.c | |
| parent | 8bc3f8767c4f4f4687d085405db60df79686521d (diff) | |
| download | lighttpd-6b6dce9b02fdb1b840047562ad19f2c28080b46a.tar.gz | |
Imported Upstream version 1.4.24upstream/1.4.24
Diffstat (limited to 'src/configfile.c')
| -rw-r--r-- | src/configfile.c | 80 |
1 files changed, 57 insertions, 23 deletions
diff --git a/src/configfile.c b/src/configfile.c index 11117e7..01213e7 100644 --- a/src/configfile.c +++ b/src/configfile.c @@ -1,3 +1,12 @@ +#include "server.h" +#include "log.h" +#include "stream.h" +#include "plugin.h" + +#include "configparser.h" +#include "configfile.h" +#include "proc_open.h" + #include <sys/stat.h> #include <stdlib.h> @@ -10,18 +19,6 @@ #include <limits.h> #include <assert.h> -#include "server.h" -#include "log.h" -#include "stream.h" -#include "plugin.h" -#ifdef USE_LICENSE -#include "license.h" -#endif - -#include "configparser.h" -#include "configfile.h" -#include "proc_open.h" - static int config_insert(server *srv) { size_t i; @@ -42,12 +39,12 @@ static int config_insert(server *srv) { { "server.event-handler", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 10 */ { "server.pid-file", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 11 */ - { "server.max-request-size", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 12 */ + { "server.max-request-size", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_CONNECTION }, /* 12 */ { "server.max-worker", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 13 */ { "server.document-root", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 14 */ - { "server.force-lowercase-filenames", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 15 */ + { "server.force-lowercase-filenames", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER },/* 15 */ { "debug.log-condition-handling", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 16 */ - { "server.max-keep-alive-requests", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 17 */ + { "server.max-keep-alive-requests", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION },/* 17 */ { "server.name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 18 */ { "server.max-keep-alive-idle", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 19 */ @@ -91,12 +88,17 @@ static int config_insert(server *srv) { { "server.core-files", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 46 */ { "ssl.cipher-list", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 47 */ { "ssl.use-sslv2", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 48 */ - { "etag.use-inode", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 49 */ - { "etag.use-mtime", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 50 */ - { "etag.use-size", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 51 */ + { "etag.use-inode", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 49 */ + { "etag.use-mtime", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 50 */ + { "etag.use-size", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 51 */ { "server.reject-expect-100-with-417", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 52 */ { "debug.log-timeouts", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 53 */ - { "server.defer-accept", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 54 */ + { "server.defer-accept", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 54 */ + { "server.breakagelog", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 55 */ + { "ssl.verifyclient.activate", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 56 */ + { "ssl.verifyclient.enforce", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 57 */ + { "ssl.verifyclient.depth", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 58 */ + { "ssl.verifyclient.username", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 59 */ { "server.host", "use server.bind instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET }, { "server.docroot", "use server.document-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET }, { "server.virtual-root", "load mod_simple_vhost and use simple-vhost.server-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET }, @@ -139,6 +141,8 @@ static int config_insert(server *srv) { cv[43].destination = &(srv->srvconf.max_conns); cv[12].destination = &(srv->srvconf.max_request_size); cv[52].destination = &(srv->srvconf.reject_expect_100_with_417); + cv[55].destination = srv->srvconf.breakagelog_file; + srv->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *)); assert(srv->config_storage); @@ -179,6 +183,10 @@ static int config_insert(server *srv) { s->global_kbytes_per_second = 0; s->global_bytes_per_second_cnt = 0; s->global_bytes_per_second_cnt_ptr = &s->global_bytes_per_second_cnt; + s->ssl_verifyclient = 0; + s->ssl_verifyclient_enforce = 1; + s->ssl_verifyclient_username = buffer_init(); + s->ssl_verifyclient_depth = 9; cv[2].destination = s->errorfile_prefix; @@ -225,6 +233,12 @@ static int config_insert(server *srv) { cv[50].destination = &(s->etag_use_mtime); cv[51].destination = &(s->etag_use_size); + /* ssl.verify */ + cv[56].destination = &(s->ssl_verifyclient); + cv[57].destination = &(s->ssl_verifyclient_enforce); + cv[58].destination = &(s->ssl_verifyclient_depth); + cv[59].destination = s->ssl_verifyclient_username; + srv->config_storage[i] = s; if (0 != (ret = config_insert_values_global(srv, ((data_config *)srv->config_context->data[i])->value, cv))) { @@ -290,19 +304,28 @@ int config_setup_connection(server *srv, connection *con) { PATCH(log_condition_handling); PATCH(log_file_not_found); PATCH(log_ssl_noise); + PATCH(log_timeouts); PATCH(range_requests); PATCH(force_lowercase_filenames); PATCH(is_ssl); PATCH(ssl_pemfile); +#ifdef USE_OPENSSL + PATCH(ssl_ctx); +#endif PATCH(ssl_ca_file); PATCH(ssl_cipher_list); PATCH(ssl_use_sslv2); PATCH(etag_use_inode); PATCH(etag_use_mtime); PATCH(etag_use_size); - + + PATCH(ssl_verifyclient); + PATCH(ssl_verifyclient_enforce); + PATCH(ssl_verifyclient_depth); + PATCH(ssl_verifyclient_username); + return 0; } @@ -351,6 +374,9 @@ int config_patch_connection(server *srv, connection *con, comp_key_t comp) { PATCH(etag_use_size); } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.pemfile"))) { PATCH(ssl_pemfile); +#ifdef USE_OPENSSL + PATCH(ssl_ctx); +#endif } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.ca-file"))) { PATCH(ssl_ca_file); } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.use-sslv2"))) { @@ -391,6 +417,14 @@ int config_patch_connection(server *srv, connection *con, comp_key_t comp) { PATCH(global_kbytes_per_second); PATCH(global_bytes_per_second_cnt); con->conf.global_bytes_per_second_cnt_ptr = &s->global_bytes_per_second_cnt; + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.activate"))) { + PATCH(ssl_verifyclient); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.enforce"))) { + PATCH(ssl_verifyclient_enforce); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.depth"))) { + PATCH(ssl_verifyclient_depth); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.username"))) { + PATCH(ssl_verifyclient_username); } } } @@ -1135,15 +1169,15 @@ int config_set_defaults(server *srv) { * - select works everywhere * - linux-* are experimental */ +#ifdef USE_LINUX_EPOLL + { FDEVENT_HANDLER_LINUX_SYSEPOLL, "linux-sysepoll" }, +#endif #ifdef USE_POLL { FDEVENT_HANDLER_POLL, "poll" }, #endif #ifdef USE_SELECT { FDEVENT_HANDLER_SELECT, "select" }, #endif -#ifdef USE_LINUX_EPOLL - { FDEVENT_HANDLER_LINUX_SYSEPOLL, "linux-sysepoll" }, -#endif #ifdef USE_LINUX_SIGIO { FDEVENT_HANDLER_LINUX_RTSIG, "linux-rtsig" }, #endif |