diff options
| author | Sergey Poznyakoff <gray@gnu.org.ua> | 2012-10-16 23:20:19 +0300 |
|---|---|---|
| committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2012-10-16 23:20:19 +0300 |
| commit | 59fd27abd2fc4e0201695976edfdde84fe37aea0 (patch) | |
| tree | 11af0390ea7886f915590b1a74555898d6fab7d6 /doc | |
| parent | 086f544ad76e8d9560c39d11ea556c570e46d7c4 (diff) | |
| download | eclat-59fd27abd2fc4e0201695976edfdde84fe37aea0.tar.gz eclat-59fd27abd2fc4e0201695976edfdde84fe37aea0.tar.bz2 | |
Provide configuration statements for SSL control.
* doc/eclat.conf.5: Document new configuration statements.
* src/cmdline.opt (replvar): Change structure.
(replace_int_var): New function.
* src/config.c: Use "ssl" as a block or scalar statement.
* src/eclat.c (ssl_verify_peer, ssl_ca_file)
(ssl_ca_path): New variables.
(main): Set up SSL configuration.
* src/eclat.h (ssl_verify_peer, ssl_ca_file)
(ssl_ca_path): New protos.
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/eclat.conf.5 | 43 |
1 files changed, 42 insertions, 1 deletions
diff --git a/doc/eclat.conf.5 b/doc/eclat.conf.5 index b461c97..2a14e2e 100644 --- a/doc/eclat.conf.5 +++ b/doc/eclat.conf.5 @@ -13,7 +13,7 @@ .\" .\" You should have received a copy of the GNU General Public License .\" along with Eclat. If not, see <http://www.gnu.org/licenses/>. -.TH ECLAT.CONF 5 "October 15, 2012" "ECLAT" "Eclat User Reference" +.TH ECLAT.CONF 5 "October 16, 2012" "ECLAT" "Eclat User Reference" .SH NAME eclat.conf \- configuration file for .BR eclat (1). @@ -395,6 +395,47 @@ algorithm described below. If an access file cannot be opened due to insufficient privileges, no error message is issued (unless the debugging level \fBmain.1\fR or higher is requested). This allows you to have different access files for use by different groups of users. +.SS SSL CONFIGURATION +The \fBssl\fR statement has two forms, and can be used as scalar or as +a block statement. In scalar form it is used to enable SSL: +.TP +.B ssl yes +Enables SSL. +.PP +The block form allows for more detailed control over the SSL +configuration: +.sp +.nf +.in +2 + ssl { + enable \fIbool\fR; + verify \fIboolean\fR; + ca\-file \fIfile\fR; + ca\-path \fIdirectory\fR; + } +.in +.fi +.PP +Its statements are: +.TP +\fBenable\fR \fIbool\fR +Enable or disable SSL. This statement is equivalent to +.B ssl +in scalar form. +.TP +\fBverify\fR \fIboolean\fR +Verify peer certificate. The default is \fByes\fR. +.TP +\fBca\-file\fR \fIfile\fR +Supplies the name of the file with CA certificates. +.TP +\fBca\-path\fR \fIdirectory\fR +Supplies the name of the directory where CA certificates are stored. +.PP +By default the CA certificates shipped with +.BR libcurl (3) +will be used. You would rarely need to use \fBca\-file\fR or +\fBca\-path\fR statements. .SH FORMAT DEFINITIONS This group of statements declares the formats to use. .TP |