artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 769dc45) | patch
Make httpd stricter with respect to TLS configuration - in particular, do
authorjsing <jsing@openbsd.org>
Mon, 15 Aug 2016 13:48:24 +0000 (13:48 +0000)
committerjsing <jsing@openbsd.org>
Mon, 15 Aug 2016 13:48:24 +0000 (13:48 +0000)
commite1f28ec908e9c2cda74875e851e3cecfd136023f
tree0a996956d4102f11d0242ecbcaa064b31506267ftree | snapshot
parent769dc45f036fe9b4ccdf01cc98d827bce805246fcommit | diff
Make httpd stricter with respect to TLS configuration - in particular, do
not allow TLS and non-TLS to be configured on the same port, do not allow
TLS options to be specified without a TLS listener and ensure that the TLS
options are the same when a server is specified on the same address/port.
Currently, these configurations are permitted but do not work as intended.

Also factor out and reuse the server matching code, which was previously
duplicated.

ok reyk@
usr.sbin/httpd/httpd.h diff | blob | history
usr.sbin/httpd/parse.y diff | blob | history
usr.sbin/httpd/server.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim