diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-10-11 09:41:15 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-10-13 09:07:02 +0300 |
commit | 6e95c305e4f0a3b0c33d8d4db7db8058f998e089 (patch) | |
tree | bcdef304d833a5dd25b64471f20cf63f09a86a3c /src/include/microhttpd.h | |
parent | ce538bc10254dbe52ea8ae66aeb0bc77605d1547 (diff) | |
download | libmicrohttpd-6e95c305e4f0a3b0c33d8d4db7db8058f998e089.tar.gz libmicrohttpd-6e95c305e4f0a3b0c33d8d4db7db8058f998e089.zip |
TLS: use application-specific system-wide configuration with fallbacks
Implemented more flexible GnuTLS priorities string initialisation. Now
MHD tries to use "@LIBMICROHTTPD" configuration at first, so all
MHD instances on particular system can be configured by specifying the
string like "LIBMICROHTTPD = ..." in GnuTLS system-wide configuration.
For example "LIBMICROHTTPD = NORMAL:-VERS-TLS1.0:-VERS-TLS1.1" could be
used to disable TLS v1.0 and TLS v1.1 for all MHD instances.
If application-specific configuration is not available, then default
"@SYSTEM" run-time configuration is used.
If "@SYSTEM" is not defined, then GnuTLS build-time default string
is used.
Standard "NORMAL" configuration is used if everything else fails.
Diffstat (limited to 'src/include/microhttpd.h')
-rw-r--r-- | src/include/microhttpd.h | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h index 63afc9e0..94e6095c 100644 --- a/src/include/microhttpd.h +++ b/src/include/microhttpd.h | |||
@@ -96,7 +96,7 @@ extern "C" | |||
96 | * they are parsed as decimal numbers. | 96 | * they are parsed as decimal numbers. |
97 | * Example: 0x01093001 = 1.9.30-1. | 97 | * Example: 0x01093001 = 1.9.30-1. |
98 | */ | 98 | */ |
99 | #define MHD_VERSION 0x00097540 | 99 | #define MHD_VERSION 0x00097541 |
100 | 100 | ||
101 | /* If generic headers don't work on your platform, include headers | 101 | /* If generic headers don't work on your platform, include headers |
102 | which define 'va_list', 'size_t', 'ssize_t', 'intptr_t', 'off_t', | 102 | which define 'va_list', 'size_t', 'ssize_t', 'intptr_t', 'off_t', |
@@ -1732,8 +1732,15 @@ enum MHD_OPTION | |||
1732 | MHD_OPTION_HTTPS_CRED_TYPE = 10, | 1732 | MHD_OPTION_HTTPS_CRED_TYPE = 10, |
1733 | 1733 | ||
1734 | /** | 1734 | /** |
1735 | * Memory pointer to a `const char *` specifying the | 1735 | * Memory pointer to a `const char *` specifying the GnuTLS priorities string. |
1736 | * cipher algorithm (default: "NORMAL"). | 1736 | * If this options is not specified, then MHD will try the following strings: |
1737 | * * "@LIBMICROHTTPD" (application-specific system-wide configuration) | ||
1738 | * * "@SYSTEM" (system-wide configuration) | ||
1739 | * * default GnuTLS priorities string | ||
1740 | * * "NORMAL" | ||
1741 | * The first configuration accepted by GnuTLS will be used. | ||
1742 | * For more details see GnuTLS documentation for "Application-specific | ||
1743 | * priority strings". | ||
1737 | */ | 1744 | */ |
1738 | MHD_OPTION_HTTPS_PRIORITIES = 11, | 1745 | MHD_OPTION_HTTPS_PRIORITIES = 11, |
1739 | 1746 | ||