112 cafile = settings_opt_get("ssl_cafile"); |
112 cafile = settings_opt_get("ssl_cafile"); |
113 capath = settings_opt_get("ssl_capath"); |
113 capath = settings_opt_get("ssl_capath"); |
114 ciphers = settings_opt_get("ssl_ciphers"); |
114 ciphers = settings_opt_get("ssl_ciphers"); |
115 |
115 |
116 #if !defined(HAVE_OPENSSL) && !defined(HAVE_GNUTLS) |
116 #if !defined(HAVE_OPENSSL) && !defined(HAVE_GNUTLS) |
117 if (ssl || sslvopt || cafile || capath || ciphers) { |
117 if (ssl) { |
118 scr_LogPrint(LPRINT_LOGNORM, |
118 scr_LogPrint(LPRINT_LOGNORM, "** Error: SSL is NOT available, " |
119 "** Warning: SSL is NOT available, ignoring ssl-related setting"); |
119 "do not set the option 'ssl'."); |
|
120 return; |
|
121 } else if (sslvopt || cafile || capath || ciphers) { |
|
122 scr_LogPrint(LPRINT_LOGNORM, "** Warning: SSL is NOT available, " |
|
123 "ignoring ssl-related settings"); |
120 ssl = sslverify = 0; |
124 ssl = sslverify = 0; |
121 cafile = capath = ciphers = NULL; |
125 cafile = capath = ciphers = NULL; |
122 } |
126 } |
123 #elif defined HAVE_GNUTLS |
127 #elif defined HAVE_GNUTLS |
124 if (sslverify >= 0) { |
128 if (sslverify != 0) { |
125 scr_LogPrint(LPRINT_LOGNORM, "Warning: SSL certificate checking " |
129 scr_LogPrint(LPRINT_LOGNORM, "** Error: SSL certificate checking " |
126 "is not supported yet with GnuTLS"); |
130 "is not supported yet with GnuTLS."); |
|
131 scr_LogPrint(LPRINT_LOGNORM, |
|
132 " * Please set 'ssl_verify' to 0 explicitly!"); |
|
133 return; |
127 } |
134 } |
128 #endif |
135 #endif |
129 cafile_xp = expand_filename(cafile); |
136 cafile_xp = expand_filename(cafile); |
130 capath_xp = expand_filename(capath); |
137 capath_xp = expand_filename(capath); |
131 cw_set_ssl_options(sslverify, cafile_xp, capath_xp, ciphers, servername); |
138 cw_set_ssl_options(sslverify, cafile_xp, capath_xp, ciphers, servername); |