d94b3fe98f92a5f95a078a8f53e24bd0a02eff02 - haproxy

commit	d94b3fe98f92a5f95a078a8f53e24bd0a02eff02	[log] [tgz]
author	Emeric Brun <ebrun@exceliance.fr>	Thu Sep 20 18:23:56 2012 +0200
committer	Willy Tarreau <w@1wt.eu>	Tue Oct 02 08:04:49 2012 +0200
tree	8baacd58227889b02c7c1ba22aa9f14770397714
parent	7fb34422fe97706916acea059343cc21a9d6e5ef [diff]

MEDIUM: ssl: add client certificate authentication support

Add keyword 'verify' on bind:
'verify none': authentication disabled (default)
'verify optional': accept connection without certificate
                   and process a verify if the client sent a certificate
'verify required': reject connection without certificate
                   and process a verify if the client send a certificate

Add keyword 'cafile' on bind:
'cafile <path>' path to a client CA file used to verify.
'crlfile <path>' path to a client CRL file used to verify.

include/types/listener.h[diff]
src/cfgparse.c[diff]
src/haproxy.c[diff]
src/ssl_sock.c[diff]

4 files changed

tree: 8baacd58227889b02c7c1ba22aa9f14770397714

contrib/
doc/
ebtree/
examples/
include/
src/
tests/
.gitignore
CHANGELOG
LICENSE
Makefile
Makefile.bsd
Makefile.osx
README
ROADMAP
SUBVERS
TODO
VERDATE
VERSION