Roxen.git / server / base_server / global_variables.pike

version» Context lines:

Roxen.git/server/base_server/global_variables.pike:241: Inside #if constant(SSL.ServerConnection)
  #if constant(SSL.ServerConnection)    // Pike 8.0 and later has much more advanced support for SSL/TLS.       defvar( "ssl_password",    Variable.String("", 0, LOCALE(0, "SSL decryption password"),    LOCALE(0, "Optional password to decrypt the "    "SSL key file(s).")));       // 112 bits is the maximum strength to still retain the    // DES-3 suites, which are required in the TLS standards. +  // +  // FIXME: The cipher strength list ought to be generated dynamically +  // from SSL.Constants.CIPHER_effective_keylengths.    defvar("ssl_key_bits",    Variable.Int(112, 0, -  LOCALE(0, "Cipher suite minimum key strength"), +  LOCALE(0, "Cipher suite minimum effective key strength"),    LOCALE(0,    "<p>The minimum number of bits to secure "    "connections.</p>\n"    "<p>Common ciphers (subject to availability) " -  "in order of bits:\n" +  "in order of effective key bits:\n"    "<dl>\n" -  "<dt>40</dt>\n" -  "<dd>Export DES (aka DES-40)</dd>\n" +  "<dt>24</dt>\n"    "<dd>Export RC4 (aka RC4-40)</dd>\n" -  "<dt>56</dt>\n" +  "<dt>32</dt>\n" +  "<dd>Export DES (aka DES-40)</dd>\n" +  "<dt>38</dt>\n" +  "<dd>RC4</dd>\n" +  "<dt>40</dt>\n"    "<dd>DES</dd>\n"    "<dt>112</dt>\n"    "<dd>3-DES (Note that this cipher is the "    "minimum required cipher in many versions "    "of TLS)</dd>\n"    "<dt>128</dt>\n"    "<dd>AES-128</dd>\n"    "<dd>Camellia-128</dd>\n" -  "<dd>RC4</dd>\n" +     "<dt>256</dt>\n"    "<dd>AES-256</dd>\n"    "<dd>Camellia-256</dd>\n" -  +  "<dd>ChaCha20</dd>\n"    "</dl>\n"    "</p>\n")))->set_range(0, Variable.no_limit);       defvar("ssl_suite_filter",    Variable.IntChoice(0,    ([    0: "Default",    4: "Ephemeral key exchanges only",    8: "Suite B (relaxed)",    12: "Suite B (ephemeral only)",
Roxen.git/server/base_server/global_variables.pike:314: Inside #if constant(SSL.ServerConnection)
   "<dt>Suite B (strict)</dt>\n"    "<dd>Support only the suites specified by "    "RFC 6460.</dt>\n"    "</dl>\n"    "</p>\n"    "<p>Note: Full Suite B operation is not "    "supported in all configurations.</p>\n"    "<p>Note: For full Suite B compliance a "    "suitable certificate must also be "    "used.</p>"))); -  + #endif /* SSL.ServerConnection */ + #if constant(SSL.Constants.PROTOCOL_TLS_MAX)    defvar("ssl_min_version", -  Variable.IntChoice(SSL.Constants.PROTOCOL_SSL_3_0, +  Variable.IntChoice(SSL.Constants.PROTOCOL_TLS_1_0,    ([    SSL.Constants.PROTOCOL_SSL_3_0:    "SSL 3.0",    SSL.Constants.PROTOCOL_TLS_1_0:    "TLS 1.0 (aka SSL 3.1)", -  + #if constant(SSL.Constants.PROTOCOL_TLS_1_2)    SSL.Constants.PROTOCOL_TLS_1_1:    "TLS 1.1",    SSL.Constants.PROTOCOL_TLS_1_2:    "TLS 1.2", -  + #endif    ]),    0,    LOCALE(0, "Minimum supported version of SSL/TLS"),    LOCALE(0, "<p>Reject clients that want to use a "    "version of SSL/TLS lower than the selected "    "version.</p>\n"))); - #endif /* SSL.ServerConnection */ + #endif /* SSL.Constants.PROTOCOL_TLS_MAX */   }         // Get the current domain. This is not as easy as one could think.   string get_domain(int|void l)   {    string s = "nowhere";    string t;       // FIXME: NT support.
Roxen.git/server/base_server/global_variables.pike:634:   Roxen process no longer can read files it previously has written.   The start script attempts to fix this for the standard file locations.</p>"));       defvar("permanent_uid", 0, LOCALE(130, "Change uid and gid permanently"),    TYPE_FLAG,    LOCALE(131, "If this variable is set, Roxen will set it's uid and gid "    "permanently. This disables the 'exec script as user' features "    "for CGI, and also 'access files as user' in the filesystems, but "    "it gives better security."));    -  defvar("ModuleDirs", roxenloader.default_roxen_module_path, +  defvar("ModuleDirs", ({ "$LOCALDIR/modules/", "modules/" }),    LOCALE(132, "Module directories"),    TYPE_DIR_LIST,    LOCALE(133, "This is a list of directories where Roxen should look "    "for modules. Can be relative paths, from the "    "directory you started Roxen. "    "The directories are searched in order for modules."));       defvar("Supports",    Variable.Text( "#include <etc/supports>\n",    VAR_MORE, LOCALE(134, "Client supports regexps"),