mirror of
https://github.com/haproxy/haproxy.git
synced 2026-06-27 02:01:17 -04:00
MEDIUM: httpclient: initialize the httpclient with default SSL values
Some checks are pending
Contrib / admin/halog/ (push) Waiting to run
Contrib / dev/flags/ (push) Waiting to run
Contrib / dev/haring/ (push) Waiting to run
Contrib / dev/hpack/ (push) Waiting to run
Contrib / dev/poll/ (push) Waiting to run
FreeBSD / clang (push) Waiting to run
VTest / Generate Build Matrix (push) Waiting to run
VTest / (push) Blocked by required conditions
Windows / Windows, gcc, all features (push) Waiting to run
Some checks are pending
Contrib / admin/halog/ (push) Waiting to run
Contrib / dev/flags/ (push) Waiting to run
Contrib / dev/haring/ (push) Waiting to run
Contrib / dev/hpack/ (push) Waiting to run
Contrib / dev/poll/ (push) Waiting to run
FreeBSD / clang (push) Waiting to run
VTest / Generate Build Matrix (push) Waiting to run
VTest / (push) Blocked by required conditions
Windows / Windows, gcc, all features (push) Waiting to run
The current httpclient implementation does not initialize its server with the options from the global section: ciphers, ciphersuites and various SSL options are always the default of the SSL library. This patch changes the behavior and apply the ssl-default-server-* keywords to the httpclient SSL server.
This commit is contained in:
William Lallemand
parent
ce417b2fb9
commit
9d64d390c8
1 changed files with 6 additions and 0 deletions
|
|
@ -1189,6 +1189,12 @@ struct proxy *httpclient_create_proxy(const char *id)
|
|||
goto err;
|
||||
}
|
||||
#endif
|
||||
if (ssl_sock_init_srv(srv_ssl)) {
|
||||
memprintf(&errmsg, "out of memory.");
|
||||
err_code |= ERR_ALERT | ERR_FATAL;
|
||||
goto err;
|
||||
}
|
||||
|
||||
srv_ssl->ssl_ctx.verify = httpclient_ssl_verify;
|
||||
/* if the verify is required, try to load the system CA */
|
||||
if (httpclient_ssl_verify == SSL_SOCK_VERIFY_REQUIRED) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue