diff options
author | Arno Töll <arno@debian.org> | 2013-10-15 20:19:04 +0200 |
---|---|---|
committer | Arno Töll <arno@debian.org> | 2013-10-15 20:19:04 +0200 |
commit | 1380410981681f011377225708e9c530330fd5a0 (patch) | |
tree | 7dd371bc4cac8910130e4ee0f4508bc519f1778d /src/configfile.c | |
parent | 5b23e76990e58208a01c2a5362362575bc12b397 (diff) | |
download | lighttpd-1380410981681f011377225708e9c530330fd5a0.tar.gz |
Imported Upstream version 1.4.33upstream/1.4.33upstream
Diffstat (limited to 'src/configfile.c')
-rw-r--r-- | src/configfile.c | 49 |
1 files changed, 23 insertions, 26 deletions
diff --git a/src/configfile.c b/src/configfile.c index bb71b95..7408ed0 100644 --- a/src/configfile.c +++ b/src/configfile.c @@ -107,6 +107,7 @@ static int config_insert(server *srv) { { "ssl.ec-curve", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 64 */ { "ssl.disable-client-renegotiation", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER },/* 65 */ { "ssl.honor-cipher-order", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 66 */ + { "ssl.empty-fragments", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 67 */ { "server.host", "use server.bind instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET }, { "server.docroot", "use server.document-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET }, @@ -177,8 +178,9 @@ static int config_insert(server *srv) { s->max_read_idle = 60; s->max_write_idle = 360; s->use_xattr = 0; - s->is_ssl = 0; + s->ssl_enabled = 0; s->ssl_honor_cipher_order = 1; + s->ssl_empty_fragments = 0; s->ssl_use_sslv2 = 0; s->ssl_use_sslv3 = 1; s->use_ipv6 = 0; @@ -231,7 +233,7 @@ static int config_insert(server *srv) { cv[27].destination = &(s->use_xattr); cv[28].destination = s->mimetypes; cv[29].destination = s->ssl_pemfile; - cv[30].destination = &(s->is_ssl); + cv[30].destination = &(s->ssl_enabled); cv[31].destination = &(s->log_file_not_found); cv[32].destination = &(s->log_request_handling); @@ -250,6 +252,7 @@ static int config_insert(server *srv) { cv[63].destination = s->ssl_dh_file; cv[64].destination = s->ssl_ec_curve; cv[66].destination = &(s->ssl_honor_cipher_order); + cv[67].destination = &(s->ssl_empty_fragments); cv[49].destination = &(s->etag_use_inode); cv[50].destination = &(s->etag_use_mtime); @@ -332,7 +335,7 @@ int config_setup_connection(server *srv, connection *con) { PATCH(range_requests); PATCH(force_lowercase_filenames); - PATCH(is_ssl); + PATCH(ssl_enabled); PATCH(ssl_pemfile); #ifdef USE_OPENSSL @@ -343,6 +346,7 @@ int config_setup_connection(server *srv, connection *con) { PATCH(ssl_dh_file); PATCH(ssl_ec_curve); PATCH(ssl_honor_cipher_order); + PATCH(ssl_empty_fragments); PATCH(ssl_use_sslv2); PATCH(ssl_use_sslv3); PATCH(etag_use_inode); @@ -411,6 +415,8 @@ int config_patch_connection(server *srv, connection *con, comp_key_t comp) { PATCH(ssl_ca_file); } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.honor-cipher-order"))) { PATCH(ssl_honor_cipher_order); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.empty-fragments"))) { + PATCH(ssl_empty_fragments); } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.use-sslv2"))) { PATCH(ssl_use_sslv2); } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.use-sslv3"))) { @@ -418,7 +424,7 @@ int config_patch_connection(server *srv, connection *con, comp_key_t comp) { } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.cipher-list"))) { PATCH(ssl_cipher_list); } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.engine"))) { - PATCH(is_ssl); + PATCH(ssl_enabled); } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.dh-file"))) { PATCH(ssl_dh_file); } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.ec-curve"))) { @@ -1235,33 +1241,24 @@ int config_set_defaults(server *srv) { { FDEVENT_HANDLER_UNSET, NULL } }; - - if (buffer_is_empty(s->document_root)) { - log_error_write(srv, __FILE__, __LINE__, "s", - "a default document-root has to be set"); - - return -1; - } - - if (buffer_is_empty(srv->srvconf.changeroot)) { - if (-1 == stat(s->document_root->ptr, &st1)) { + if (!buffer_is_empty(srv->srvconf.changeroot)) { + if (-1 == stat(srv->srvconf.changeroot->ptr, &st1)) { log_error_write(srv, __FILE__, __LINE__, "sb", - "base-docroot doesn't exist:", - s->document_root); + "server.chroot doesn't exist:", srv->srvconf.changeroot); return -1; } - - } else { - buffer_copy_string_buffer(srv->tmp_buf, srv->srvconf.changeroot); - buffer_append_string_buffer(srv->tmp_buf, s->document_root); - - if (-1 == stat(srv->tmp_buf->ptr, &st1)) { + if (!S_ISDIR(st1.st_mode)) { log_error_write(srv, __FILE__, __LINE__, "sb", - "base-docroot doesn't exist:", - srv->tmp_buf); + "server.chroot isn't a directory:", srv->srvconf.changeroot); return -1; } + } + + if (buffer_is_empty(s->document_root)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "a default document-root has to be set"); + return -1; } buffer_copy_string_buffer(srv->tmp_buf, s->document_root); @@ -1306,7 +1303,7 @@ int config_set_defaults(server *srv) { } if (srv->srvconf.port == 0) { - srv->srvconf.port = s->is_ssl ? 443 : 80; + srv->srvconf.port = s->ssl_enabled ? 443 : 80; } if (srv->srvconf.event_handler->used == 0) { @@ -1344,7 +1341,7 @@ int config_set_defaults(server *srv) { } } - if (s->is_ssl) { + if (s->ssl_enabled) { if (buffer_is_empty(s->ssl_pemfile)) { /* PEM file is require */ |