"('[+-][" SSL_PROTOCOLS "] ...' - see manual)")

                "('[+-][" SSL_PROTOCOLS "] ...' - see manual)")

    SSL_CMD_SRV(HonorCipherOrder, FLAG,

    SSL_CMD_SRV(HonorCipherOrder, FLAG,

                "Use the server's cipher ordering preference")

                "Use the server's cipher ordering preference")

    SSL_CMD_SRV(Compression, FLAG,

    SSL_CMD_SRV(Compression, FLAG,

                "Enable SSL level compression"

                "Enable SSL level compression"

                "(`on', `off')")

                "(`on', `off')")

    sc->vhost_id_len           = 0;     /* set during module init */

    sc->vhost_id_len           = 0;     /* set during module init */

    sc->session_cache_timeout  = UNSET;

    sc->session_cache_timeout  = UNSET;

    sc->cipher_server_pref     = UNSET;

    sc->cipher_server_pref     = UNSET;

    sc->insecure_reneg         = UNSET;

    sc->insecure_reneg         = UNSET;

    sc->proxy_ssl_check_peer_expire = SSL_ENABLED_UNSET;

    sc->proxy_ssl_check_peer_expire = SSL_ENABLED_UNSET;

    sc->proxy_ssl_check_peer_cn     = SSL_ENABLED_UNSET;

    sc->proxy_ssl_check_peer_cn     = SSL_ENABLED_UNSET;

    cfgMergeBool(proxy_enabled);

    cfgMergeBool(proxy_enabled);

    cfgMergeInt(session_cache_timeout);

    cfgMergeInt(session_cache_timeout);

    cfgMergeBool(cipher_server_pref);

    cfgMergeBool(cipher_server_pref);

    cfgMergeBool(insecure_reneg);

    cfgMergeBool(insecure_reneg);

    cfgMerge(proxy_ssl_check_peer_expire, SSL_ENABLED_UNSET);

    cfgMerge(proxy_ssl_check_peer_expire, SSL_ENABLED_UNSET);

    cfgMerge(proxy_ssl_check_peer_cn, SSL_ENABLED_UNSET);

    cfgMerge(proxy_ssl_check_peer_cn, SSL_ENABLED_UNSET);

#endif

#endif

}

}

const char *ssl_cmd_SSLInsecureRenegotiation(cmd_parms *cmd, void *dcfg, int flag)

const char *ssl_cmd_SSLInsecureRenegotiation(cmd_parms *cmd, void *dcfg, int flag)

{

{

#ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION

#ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION

    char *cp;

    char *cp;

    int protocol = mctx->protocol;

    int protocol = mctx->protocol;

    SSLSrvConfigRec *sc = mySrvConfig(s);

    SSLSrvConfigRec *sc = mySrvConfig(s);

    /*

    /*

     *  Create the new per-server SSL context

     *  Create the new per-server SSL context

    mctx->ssl_ctx = ctx;

    mctx->ssl_ctx = ctx;

    /* always disable SSLv2, as per RFC 6176 */

    /* always disable SSLv2, as per RFC 6176 */

    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);

    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);

    int              vhost_id_len;

    int              vhost_id_len;

    int              session_cache_timeout;

    int              session_cache_timeout;

    BOOL             cipher_server_pref;

    BOOL             cipher_server_pref;

    BOOL             insecure_reneg;

    BOOL             insecure_reneg;

    modssl_ctx_t    *server;

    modssl_ctx_t    *server;

    modssl_ctx_t    *proxy;

    modssl_ctx_t    *proxy;

const char  *ssl_cmd_SSLCARevocationFile(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLCARevocationFile(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLCARevocationCheck(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLCARevocationCheck(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLHonorCipherOrder(cmd_parms *cmd, void *dcfg, int flag);

const char  *ssl_cmd_SSLHonorCipherOrder(cmd_parms *cmd, void *dcfg, int flag);

const char  *ssl_cmd_SSLCompression(cmd_parms *, void *, int flag);

const char  *ssl_cmd_SSLCompression(cmd_parms *, void *, int flag);

const char  *ssl_cmd_SSLVerifyClient(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLVerifyClient(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLVerifyDepth(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLVerifyDepth(cmd_parms *, void *, const char *);