summaryrefslogtreecommitdiffstats
path: root/debian/perl-framework/t/conf/ssl
diff options
context:
space:
mode:
Diffstat (limited to 'debian/perl-framework/t/conf/ssl')
-rw-r--r--debian/perl-framework/t/conf/ssl/proxyssl.conf.in61
-rw-r--r--debian/perl-framework/t/conf/ssl/ssl.conf.in20
2 files changed, 75 insertions, 6 deletions
diff --git a/debian/perl-framework/t/conf/ssl/proxyssl.conf.in b/debian/perl-framework/t/conf/ssl/proxyssl.conf.in
index dc18fdf..161385b 100644
--- a/debian/perl-framework/t/conf/ssl/proxyssl.conf.in
+++ b/debian/perl-framework/t/conf/ssl/proxyssl.conf.in
@@ -51,6 +51,66 @@
ProxyPass / https://@proxyssl_url@/
ProxyPassReverse / https://@proxyssl_url@/
+
+ ProxyPass /proxy/wsoc wss://localhost:@proxy_https_https_port@/modules/lua/websockets.lua
+ </VirtualHost>
+
+ #here we can test http <-> https using SSLProxyMachine* inside <Proxy>
+ <VirtualHost proxy_http_https_proxy_section>
+ #these are not on by default in the 1.x based mod_ssl
+ <IfDefine APACHE2>
+ SSLProxyEngine On
+
+ SSLProxyProtocol All
+ SSLProxyCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
+
+ SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt
+ SSLProxyCACertificatePath @ServerRoot@/conf/ssl
+ SSLProxyCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl
+ <IfVersion >= 2.3.15>
+ SSLProxyCARevocationCheck chain
+ </IfVersion>
+ SSLProxyVerify on
+ SSLProxyVerifyDepth 10
+ </IfDefine>
+
+
+ ProxyPass / https://@proxyssl_url@/
+ ProxyPassReverse / https://@proxyssl_url@/
+ <IfDefine APACHE2>
+ <Proxy https://@proxyssl_url@>
+ SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem
+ #SSLProxyMachineCertificatePath @SSLCA@/asf/proxy
+ </Proxy>
+ </IfDefine>
+ </VirtualHost>
+
+
+ #here we can test https <-> https using SSLProxyMachine* inside <Proxy>
+ <VirtualHost proxy_https_https_proxy_section>
+ SSLEngine on
+
+ #these are not on by default in the 1.x based mod_ssl
+ <IfDefine APACHE2>
+ SSLProxyEngine On
+ SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt
+ SSLProxyVerify on
+ SSLProxyCARevocationPath @SSLCA@/asf/crl
+ <IfVersion >= 2.3.15>
+ SSLProxyCARevocationCheck chain
+ </IfVersion>
+ </IfDefine>
+
+
+ ProxyPass / https://@proxyssl_url@/
+ ProxyPassReverse / https://@proxyssl_url@/
+ <IfDefine APACHE2>
+ <Proxy https://@proxyssl_url@>
+ # ensure that client_ok.pem is picked first:
+ SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem
+ SSLProxyMachineCertificatePath @SSLCA@/asf/proxy
+ </Proxy>
+ </IfDefine>
</VirtualHost>
#here we can test https <-> http
@@ -60,7 +120,6 @@
ProxyPass / http://@servername@:@port@/
ProxyPassReverse / http://@servername@:@port@/
</VirtualHost>
-
</IfModule>
</IfModule>
diff --git a/debian/perl-framework/t/conf/ssl/ssl.conf.in b/debian/perl-framework/t/conf/ssl/ssl.conf.in
index f796b34..6fadf33 100644
--- a/debian/perl-framework/t/conf/ssl/ssl.conf.in
+++ b/debian/perl-framework/t/conf/ssl/ssl.conf.in
@@ -5,11 +5,12 @@
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
- SSLSessionCache none
- #XXX: would be nice to test these
- #SSLSessionCache shm:@ServerRoot@/logs/ssl_scache(512000)
- #SSLSessionCache dbm:@ServerRoot@/logs/ssl_scache
- #SSLSessionCacheTimeout 300
+ <IfDefine TEST_SSL_SESSCACHE>
+ SSLSessionCache ${SSL_SESSCACHE}
+ </IfDefine>
+ <IfDefine !TEST_SSL_SESSCACHE>
+ SSLSessionCache none
+ </IfDefine>
<IfVersion < 2.3.4>
#SSLMutex file:@ServerRoot@/logs/ssl_mutex
@@ -87,6 +88,15 @@
SSLVerifyDepth 10
</Location>
+ # t/ssl/pha.t
+ <Location /require/small>
+ SSLVerifyClient require
+ SSLVerifyDepth 10
+
+ SSLRenegBufferSize 10
+ </Location>
+ Alias /require/small @DocumentRoot@/modules/cgi
+
#t/ssl/require.t
Alias /require/asf @DocumentRoot@
Alias /require/snakeoil @DocumentRoot@
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-27 04:09:22 +0000