diff options
| author | Reyk Floeter <reyk@esdenera.com> | 2015-02-24 08:57:19 +0100 |
|---|---|---|
| committer | Reyk Floeter <reyk@esdenera.com> | 2015-02-24 08:57:19 +0100 |
| commit | be1b7213b8e8d0de98b5a6445504a583e8c9a064 (patch) | |
| tree | b7360e53b785340929ce2e4722703fd97c121f26 /server.c | |
| parent | 8a2934048ba934e50ecc1736d554036fc39f6752 (diff) | |
| download | httpd-be1b7213b8e8d0de98b5a6445504a583e8c9a064.tar.gz httpd-be1b7213b8e8d0de98b5a6445504a583e8c9a064.zip | |
Allow to specify CGI variables as macros in redirection strings, eg.OPENBSD_5_7_BASE
block return 301 "http://www.example.com/$REQUEST_URI"
OK tedu@ florian@
Add return_uri to serverconfig_reset() to avoid using garbage from the
imsg buffer.
Debugging & OK halex@
Change TLS_PROTOCOLS_DEFAULT to be TLSv1.2 only. Add a TLS_PROTOCOLS_ALL
that includes all currently supported protocols (TLSv1.0, TLSv1.1 and
TLSv1.2). Change all users of libtls to use TLS_PROTOCOLS_ALL so that they
maintain existing behaviour.
Discussed with tedu@ and reyk@.
Diffstat (limited to 'server.c')
| -rw-r--r-- | server.c | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: server.c,v 1.57 2015/02/07 23:56:02 reyk Exp $ */ +/* $OpenBSD: server.c,v 1.60 2015/02/23 09:52:28 reyk Exp $ */ /* * Copyright (c) 2006 - 2015 Reyk Floeter <reyk@openbsd.org> @@ -175,6 +175,9 @@ server_tls_init(struct server *srv) return (-1); } + tls_config_set_protocols(srv->srv_tls_config, + srv->srv_conf.tls_protocols); + if (tls_config_set_ciphers(srv->srv_tls_config, srv->srv_conf.tls_ciphers) != 0) { log_warn("%s: failed to set tls ciphers", __func__); @@ -320,6 +323,7 @@ serverconfig_reset(struct server_config *srv_conf) { srv_conf->tls_cert_file = srv_conf->tls_key_file = NULL; srv_conf->tls_cert = srv_conf->tls_key = NULL; + srv_conf->return_uri = NULL; srv_conf->auth = NULL; } |