MINOR: server: Make 'default-server' support 'verify' keyword.

This patch makes 'default-server' directive support 'verify' keyword.
2025-11-21 19:01:00 +01:00 · 2017-03-13 13:41:16 +01:00 · 2017-03-13 13:41:16 +01:00 · 7c8cd587c2
commit 7c8cd587c2
parent 18388c910c
2 changed files with 5 additions and 1 deletions
--- a/src/server.c
+++ b/src/server.c
@ -1295,6 +1295,10 @@ int parse_server(const char *file, int linenum, char **args, struct proxy *curpr
 			newsrv->dns_opts.pref_net_nb = curproxy->defsrv.dns_opts.pref_net_nb;
 			newsrv->init_addr_methods = curproxy->defsrv.init_addr_methods;
 			newsrv->init_addr         = curproxy->defsrv.init_addr;
+#if defined(USE_OPENSSL)
+			/* SSL config. */
+			newsrv->ssl_ctx.verify = curproxy->defsrv.ssl_ctx.verify;
+#endif

 			cur_arg = 3;
 		} else {
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@ -7517,7 +7517,7 @@ static struct srv_kw_list srv_kws = { "SSL", { }, {
 	{ "tlsv11",                  srv_parse_tlsv11,            0, 1 }, /* enable TLSv11 */
 	{ "tlsv12",                  srv_parse_tlsv12,            0, 1 }, /* enable TLSv12 */
 	{ "tls-tickets",             srv_parse_tls_tickets,       0, 1 }, /* enable session resumption tickets */
-	{ "verify",                  srv_parse_verify,            1, 0 }, /* set SSL verify method */
+	{ "verify",                  srv_parse_verify,            1, 1 }, /* set SSL verify method */
 	{ "verifyhost",              srv_parse_verifyhost,        1, 0 }, /* require that SSL cert verifies for hostname */
 	{ NULL, NULL, 0, 0 },
 }};