Browse Source

[mod_openssl] error if ssl.engine in wrong section (fixes #2837)

error if ssl.engine in wrong section of config.
ssl.engine is valid only in global scope or $SERVER["socket"] condition

x-ref:
  "HTTPS requests timeout when cert not set for socket"
  https://redmine.lighttpd.net/issues/2837
personal/stbuehler/1.4.48-mod-proxy-fix
Glenn Strauss 4 years ago
parent
commit
bfef0907bd
  1. 9
      src/mod_openssl.c

9
src/mod_openssl.c

@ -566,7 +566,8 @@ network_init_ssl (server *srv, void *p_d)
}
/* PEM file is require */
log_error_write(srv, __FILE__, __LINE__, "s",
"ssl.pemfile has to be set");
"ssl.pemfile has to be set "
"when ssl.engine = \"enable\"");
return -1;
}
}
@ -989,6 +990,12 @@ SETDEFAULTS_FUNC(mod_openssl_set_defaults)
}
}
}
if (0 != i && s->ssl_enabled && config->comp != COMP_SERVER_SOCKET) {
log_error_write(srv, __FILE__, __LINE__, "s",
"ssl.engine is valid only in global scope "
"or $SERVER[\"socket\"] condition");
}
}
if (0 != network_init_ssl(srv, p)) return HANDLER_ERROR;

Loading…
Cancel
Save