Roxen.git / server / base_server / roxen.pike

version» Context lines:

Roxen.git/server/base_server/roxen.pike:2584: Inside #if constant(Standards.X509)
      if (!sizeof(decoded_keys)) {    CERT_ERROR (KeyFile, LOC_M (17,"No private key found.\n"));    report_error ("TLS port %s: %s", get_url(),    LOC_M (17,"No private key found.\n"));    cert_err_unbind();    cert_failure = 1;    return;    }    -  if (sizeof(ctx->cert_pairs)) { +  // FIXME: Only do this if there are certs loaded?    // We must reset the set of certificates.    ctx = SSLContext();    set_version();    filter_preferred_suites(); -  } +        mapping(string:array(int)) cert_lookup = ([]);    foreach(decoded_certs; int no; Standards.X509.TBSCertificate tbs) {    cert_lookup[tbs->subject->get_der()] += ({ no });    }       foreach(decoded_keys, Crypto.Sign key) {    // FIXME: Multiple certificates with the same key?    array(int) cert_nos;    Standards.X509.TBSCertificate tbs;
Roxen.git/server/base_server/roxen.pike:2637: Inside #if constant(Standards.X509)
   issuer = UNDEFINED;    break;    }    } while ((tbs = issuer));       report_notice("Adding %s certificate (%d certs) for %s\n",    key->name(), sizeof(cert_nos), get_url());    ctx->add_cert(key, rows(certificates, cert_nos), ({ name }));    }    + #if 0 +  // FIXME: How do this in current Pike 8.0?    if (!sizeof(ctx->cert_pairs)) {    CERT_ERROR(Certificates,    LOC_M(0,"No matching keys and certificates found.\n"));    report_error ("TLS port %s: %s", get_url(),    LOC_M(0,"No matching keys and certificates found.\n"));    cert_err_unbind();    cert_failure = 1;    return;    } -  + #endif       if (!bound) {    bind (ignore_eaddrinuse);    if (old_cert_failure && bound)    report_notice (LOC_M(64, "TLS port %s opened.\n"), get_url());    if (!bound)    report_notice("Failed to bind port %s.\n", get_url());    }    }   #else
Roxen.git/server/base_server/roxen.pike:2878:    if (ssl->accept) ssl->accept();    return ssl;    }    return 0;    }      #if constant(SSL.Connection)    protected void bind (void|int ignore_eaddrinuse)    {    // Don't bind if we don't have correct certs. -  if (!sizeof(ctx->cert_pairs)) return; +  // if (!sizeof(ctx->cert_pairs)) return;    ::bind (ignore_eaddrinuse);    }   #else    protected void bind (void|int ignore_eaddrinuse)    {    // Don't bind if we don't have correct certs.    if (!ctx->certificates) return;    ::bind (ignore_eaddrinuse);    }   #endif