diff options
author | Reyk Floeter <reyk@esdenera.com> | 2015-02-24 08:57:19 +0100 |
---|---|---|
committer | Reyk Floeter <reyk@esdenera.com> | 2015-02-24 08:57:19 +0100 |
commit | be1b7213b8e8d0de98b5a6445504a583e8c9a064 (patch) | |
tree | b7360e53b785340929ce2e4722703fd97c121f26 /httpd.conf.5 | |
parent | 8a2934048ba934e50ecc1736d554036fc39f6752 (diff) | |
download | httpd-be1b7213b8e8d0de98b5a6445504a583e8c9a064.tar.gz httpd-be1b7213b8e8d0de98b5a6445504a583e8c9a064.zip |
Allow to specify CGI variables as macros in redirection strings, eg.OPENBSD_5_7_BASE
block return 301 "http://www.example.com/$REQUEST_URI"
OK tedu@ florian@
Add return_uri to serverconfig_reset() to avoid using garbage from the
imsg buffer.
Debugging & OK halex@
Change TLS_PROTOCOLS_DEFAULT to be TLSv1.2 only. Add a TLS_PROTOCOLS_ALL
that includes all currently supported protocols (TLSv1.0, TLSv1.1 and
TLSv1.2). Change all users of libtls to use TLS_PROTOCOLS_ALL so that they
maintain existing behaviour.
Discussed with tedu@ and reyk@.
Diffstat (limited to 'httpd.conf.5')
-rw-r--r-- | httpd.conf.5 | 39 |
1 files changed, 36 insertions, 3 deletions
diff --git a/httpd.conf.5 b/httpd.conf.5 index f93b57e..da51ad3 100644 --- a/httpd.conf.5 +++ b/httpd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: httpd.conf.5,v 1.50 2015/02/07 08:12:30 jmc Exp $ +.\" $OpenBSD: httpd.conf.5,v 1.53 2015/02/23 18:43:18 reyk Exp $ .\" .\" Copyright (c) 2014, 2015 Reyk Floeter <reyk@openbsd.org> .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: February 7 2015 $ +.Dd $Mdocdate: February 23 2015 $ .Dt HTTPD.CONF 5 .Os .Sh NAME @@ -157,13 +157,38 @@ Close the connection and send an error page. If the optional return code is not specified, .Xr httpd 8 denies access with a -.Sq 404 Forbidden +.Sq 403 Forbidden response. The optional .Ar uri argument can be used with return codes in the 3xx range to send a .Sq Location: header for redirection to a specified URI. +.Pp +The +.Ar url +may contain predefined macros that will be expanded at runtime: +.Pp +.Bl -tag -width $DOCUMENT_URI -offset indent -compact +.It Ic $DOCUMENT_URI +The request path. +.It Ic $QUERY_STRING +The optional query string of the request. +.It Ic $REMOTE_ADDR +The IP address of the connected client. +.It Ic $REMOTE_PORT +The TCP source port of the connected client. +.It Ic $REMOTE_USER +The remote user for HTTP authentication. +.It Ic $REQUEST_URI +The request path and optional query string. +.It Ic $SERVER_ADDR +The configured IP address of the relay. +.It Ic $SERVER_PORT +The configured TCP server port of the relay. +.It Ic $SERVER_NAME +The name of the server. +.El .It Ic connection Ar option Set the specified options and limits for HTTP connections. Valid options are: @@ -367,6 +392,14 @@ should contain a PEM encoded private key and reside outside of the .Xr chroot 2 root directory of .Nm httpd . +.It Ic protocols Ar string +Specify the TLS protocols to enable for this server. +If not specified, the default value +.Qq all +will be used (all available protocols). +Refer to the +.Xr tls_config_parse_protocols 3 +function for other valid protocol string values. .El .El .Sh TYPES |