/[svn]/ircd-hybrid-8/src/conf_parser.y

Diff of /ircd-hybrid-8/src/conf_parser.y

Parent Directory | Revision Log | View Patch Patch

-revision 1315 by michael,
Sun Mar 25 11:24:18 2012 UTC
+revision 1316 by michael,
Tue Mar 27 17:05:51 2012 UTC
 Line 275 
 unhook_hub_leaf_confs(void)
  %token  RSA_PUBLIC_KEY_FILE
  %token  SSL_CERTIFICATE_FILE
  %token  SSL_DH_PARAM_FILE
- %token  T_SSL_CONNECTION_METHOD
+ %token  T_SSL_CLIENT_METHOD
+ %token  T_SSL_SERVER_METHOD
  %token  T_SSLV3
  %token  T_TLSV1
  %token  RESV
-Line 470 
 serverinfo_item:        serverinfo_name
+Line 471 
 serverinfo_item:        serverinfo_name
                          serverinfo_max_clients | serverinfo_ssl_dh_param_file |
                          serverinfo_rsa_private_key_file | serverinfo_vhost6 |
                          serverinfo_sid | serverinfo_ssl_certificate_file |
-                         serverinfo_ssl_connection_method | serverinfo_ssl_cipher_list |
+                         serverinfo_ssl_client_method | serverinfo_ssl_server_method |
+                         serverinfo_ssl_cipher_list |
                          error ';' ;
- serverinfo_ssl_connection_method: T_SSL_CONNECTION_METHOD
+ serverinfo_ssl_client_method: T_SSL_CLIENT_METHOD '=' client_method_types ';' ;
+ serverinfo_ssl_server_method: T_SSL_SERVER_METHOD '=' server_method_types ';' ;
+ client_method_types: client_method_types ',' client_method_type_item | client_method_type_item;
+ client_method_type_item: T_SSLV3
  {
  #ifdef HAVE_LIBCRYPTO
-   if (conf_parser_ctx.boot && conf_parser_ctx.pass == 2)
+   if (conf_parser_ctx.pass == 2 && ServerInfo.client_ctx)
-     ServerInfo.tls_version = 0;
+     SSL_CTX_clear_options(ServerInfo.client_ctx, SSL_OP_NO_SSLv3);
  #endif
- } '=' method_types ';'
+ } | T_TLSV1
  {
  #ifdef HAVE_LIBCRYPTO
-   if (conf_parser_ctx.boot && conf_parser_ctx.pass == 2)
+   if (conf_parser_ctx.pass == 2 && ServerInfo.client_ctx)
-   {
+     SSL_CTX_clear_options(ServerInfo.client_ctx, SSL_OP_NO_TLSv1);
-     if (!(ServerInfo.tls_version & CONF_SERVER_INFO_TLS_VERSION_SSLV3))
-     {
-       SSL_CTX_set_options(ServerInfo.server_ctx, SSL_OP_NO_SSLv3);
-       SSL_CTX_set_options(ServerInfo.client_ctx, SSL_OP_NO_SSLv3);
-     }
-     if (!(ServerInfo.tls_version & CONF_SERVER_INFO_TLS_VERSION_TLSV1))
-     {
-       SSL_CTX_set_options(ServerInfo.server_ctx, SSL_OP_NO_TLSv1);
-       SSL_CTX_set_options(ServerInfo.client_ctx, SSL_OP_NO_TLSv1);
-     }
-   }
  #endif
  };
- method_types: method_types ',' method_type_item | method_type_item;
+ server_method_types: server_method_types ',' server_method_type_item | server_method_type_item;
- method_type_item: T_SSLV3
+ server_method_type_item: T_SSLV3
  {
  #ifdef HAVE_LIBCRYPTO
-   if (conf_parser_ctx.boot && conf_parser_ctx.pass == 2)
+   if (conf_parser_ctx.pass == 2 && ServerInfo.server_ctx)
-     ServerInfo.tls_version |= CONF_SERVER_INFO_TLS_VERSION_SSLV3;
+     SSL_CTX_clear_options(ServerInfo.server_ctx, SSL_OP_NO_SSLv3);
  #endif
  } | T_TLSV1
  {
  #ifdef HAVE_LIBCRYPTO
-   if (conf_parser_ctx.boot && conf_parser_ctx.pass == 2)
+   if (conf_parser_ctx.pass == 2 && ServerInfo.server_ctx)
-     ServerInfo.tls_version |= CONF_SERVER_INFO_TLS_VERSION_TLSV1;
+     SSL_CTX_clear_options(ServerInfo.server_ctx, SSL_OP_NO_TLSv1);
  #endif
  };
-Line 641 
 serverinfo_ssl_cipher_list: T_SSL_CIPHER
+Line 635 
 serverinfo_ssl_cipher_list: T_SSL_CIPHER
  {
  #ifdef HAVE_LIBCRYPTO
    if (conf_parser_ctx.pass == 2 && ServerInfo.server_ctx)
-   {
      SSL_CTX_set_cipher_list(ServerInfo.server_ctx, yylval.string);
-   }
  #endif
  };

 Legend:



Removed from v.1315
 


changed lines


 
Added in v.1316
 Legend:



Removed from v.1315
 


changed lines


 
Added in v.1316
-Removed from v.1315
+Added in v.1316

svnadmin@ircd-hybrid.org	ViewVC Help
Powered by ViewVC 1.1.28