-.\" $OpenBSD: httpd.conf.5,v 1.86 2017/11/28 09:40:46 jmc Exp $
+.\" $OpenBSD: httpd.conf.5,v 1.87 2017/11/29 16:55:08 beck Exp $
.\"
.\" Copyright (c) 2014, 2015 Reyk Floeter <reyk@openbsd.org>
.\"
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: November 28 2017 $
+.Dd $Mdocdate: November 29 2017 $
.Dt HTTPD.CONF 5
.Os
.Sh NAME
The default is to not use OCSP stapling.
If the OSCP response in
.Ar file
-is unparseable or empty, OCSP stapling will not be used.
+is empty, OCSP stapling will not be used.
.It Ic protocols Ar string
Specify the TLS protocols to enable for this server.
If not specified, the value
-/* $OpenBSD: server.c,v 1.112 2017/11/28 01:21:30 beck Exp $ */
+/* $OpenBSD: server.c,v 1.113 2017/11/29 16:55:08 beck Exp $ */
/*
* Copyright (c) 2006 - 2015 Reyk Floeter <reyk@openbsd.org>
if ((srv->srv_conf.tls_ocsp_staple = tls_load_file(
srv->srv_conf.tls_ocsp_staple_file,
&srv->srv_conf.tls_ocsp_staple_len, NULL)) == NULL) {
- log_warnx("%s: Failed to load ocsp staple from %s - ignoring", __func__,
+ log_warnx("%s: Failed to load ocsp staple from %s", __func__,
srv->srv_conf.tls_ocsp_staple_file);
- return (0);
+ return (-1);
}
if (srv->srv_conf.tls_ocsp_staple_len == 0) {
projects / openbsd / commitdiff