/[svn]/ircd-hybrid-8/src/conf_parser.y
ViewVC logotype

Diff of /ircd-hybrid-8/src/conf_parser.y

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 1315 by michael, Sun Mar 25 11:24:18 2012 UTC revision 1316 by michael, Tue Mar 27 17:05:51 2012 UTC
# Line 275  unhook_hub_leaf_confs(void) Line 275  unhook_hub_leaf_confs(void)
275  %token  RSA_PUBLIC_KEY_FILE  %token  RSA_PUBLIC_KEY_FILE
276  %token  SSL_CERTIFICATE_FILE  %token  SSL_CERTIFICATE_FILE
277  %token  SSL_DH_PARAM_FILE  %token  SSL_DH_PARAM_FILE
278  %token  T_SSL_CONNECTION_METHOD  %token  T_SSL_CLIENT_METHOD
279    %token  T_SSL_SERVER_METHOD
280  %token  T_SSLV3  %token  T_SSLV3
281  %token  T_TLSV1  %token  T_TLSV1
282  %token  RESV  %token  RESV
# Line 470  serverinfo_item:        serverinfo_name Line 471  serverinfo_item:        serverinfo_name
471                          serverinfo_max_clients | serverinfo_ssl_dh_param_file |                          serverinfo_max_clients | serverinfo_ssl_dh_param_file |
472                          serverinfo_rsa_private_key_file | serverinfo_vhost6 |                          serverinfo_rsa_private_key_file | serverinfo_vhost6 |
473                          serverinfo_sid | serverinfo_ssl_certificate_file |                          serverinfo_sid | serverinfo_ssl_certificate_file |
474                          serverinfo_ssl_connection_method | serverinfo_ssl_cipher_list |                          serverinfo_ssl_client_method | serverinfo_ssl_server_method |
475                            serverinfo_ssl_cipher_list |
476                          error ';' ;                          error ';' ;
477    
478    
479  serverinfo_ssl_connection_method: T_SSL_CONNECTION_METHOD  serverinfo_ssl_client_method: T_SSL_CLIENT_METHOD '=' client_method_types ';' ;
480    serverinfo_ssl_server_method: T_SSL_SERVER_METHOD '=' server_method_types ';' ;
481    
482    client_method_types: client_method_types ',' client_method_type_item | client_method_type_item;
483    client_method_type_item: T_SSLV3
484  {  {
485  #ifdef HAVE_LIBCRYPTO  #ifdef HAVE_LIBCRYPTO
486    if (conf_parser_ctx.boot && conf_parser_ctx.pass == 2)    if (conf_parser_ctx.pass == 2 && ServerInfo.client_ctx)
487      ServerInfo.tls_version = 0;      SSL_CTX_clear_options(ServerInfo.client_ctx, SSL_OP_NO_SSLv3);
488  #endif  #endif
489  } '=' method_types ';'  } | T_TLSV1
490  {  {
491  #ifdef HAVE_LIBCRYPTO  #ifdef HAVE_LIBCRYPTO
492    if (conf_parser_ctx.boot && conf_parser_ctx.pass == 2)    if (conf_parser_ctx.pass == 2 && ServerInfo.client_ctx)
493    {      SSL_CTX_clear_options(ServerInfo.client_ctx, SSL_OP_NO_TLSv1);
     if (!(ServerInfo.tls_version & CONF_SERVER_INFO_TLS_VERSION_SSLV3))  
     {  
       SSL_CTX_set_options(ServerInfo.server_ctx, SSL_OP_NO_SSLv3);  
       SSL_CTX_set_options(ServerInfo.client_ctx, SSL_OP_NO_SSLv3);  
     }  
   
     if (!(ServerInfo.tls_version & CONF_SERVER_INFO_TLS_VERSION_TLSV1))  
     {  
       SSL_CTX_set_options(ServerInfo.server_ctx, SSL_OP_NO_TLSv1);  
       SSL_CTX_set_options(ServerInfo.client_ctx, SSL_OP_NO_TLSv1);  
     }  
   }  
494  #endif  #endif
495  };  };
496    
497  method_types: method_types ',' method_type_item | method_type_item;  server_method_types: server_method_types ',' server_method_type_item | server_method_type_item;
498  method_type_item: T_SSLV3  server_method_type_item: T_SSLV3
499  {  {
500  #ifdef HAVE_LIBCRYPTO  #ifdef HAVE_LIBCRYPTO
501    if (conf_parser_ctx.boot && conf_parser_ctx.pass == 2)    if (conf_parser_ctx.pass == 2 && ServerInfo.server_ctx)
502      ServerInfo.tls_version |= CONF_SERVER_INFO_TLS_VERSION_SSLV3;      SSL_CTX_clear_options(ServerInfo.server_ctx, SSL_OP_NO_SSLv3);
503  #endif  #endif
504  } | T_TLSV1  } | T_TLSV1
505  {  {
506  #ifdef HAVE_LIBCRYPTO  #ifdef HAVE_LIBCRYPTO
507    if (conf_parser_ctx.boot && conf_parser_ctx.pass == 2)    if (conf_parser_ctx.pass == 2 && ServerInfo.server_ctx)
508      ServerInfo.tls_version |= CONF_SERVER_INFO_TLS_VERSION_TLSV1;      SSL_CTX_clear_options(ServerInfo.server_ctx, SSL_OP_NO_TLSv1);
509  #endif  #endif
510  };  };
511    
# Line 641  serverinfo_ssl_cipher_list: T_SSL_CIPHER Line 635  serverinfo_ssl_cipher_list: T_SSL_CIPHER
635  {  {
636  #ifdef HAVE_LIBCRYPTO  #ifdef HAVE_LIBCRYPTO
637    if (conf_parser_ctx.pass == 2 && ServerInfo.server_ctx)    if (conf_parser_ctx.pass == 2 && ServerInfo.server_ctx)
   {  
638      SSL_CTX_set_cipher_list(ServerInfo.server_ctx, yylval.string);      SSL_CTX_set_cipher_list(ServerInfo.server_ctx, yylval.string);
   }  
639  #endif  #endif
640  };  };
641    

Legend:
Removed from v.1315  
changed lines
  Added in v.1316

svnadmin@ircd-hybrid.org
ViewVC Help
Powered by ViewVC 1.1.28