Fossil SCM

add FOSSIL_ENABLE_SSL guards to new code

rdb 2022-01-15 16:49 tls-server-fix

Commit 9c68e9f8ca554e0b8c83fb1672336e79e3254975757f3bbbcca41c5be211fc51

Parent 81c486badfaa806…

1 file changed +5 -2

M src/main.c

+5 -2

		--- src/main.c
		+++ src/main.c
		@@ -3119,15 +3119,16 @@
3119	3119	** get tls / ssl options, the calls that use these options need
3120	3120	** access to the repo database which has not been found yet.
3121	3121	** we get and store them now, as find_option removes them from
3122	3122	** argv
3123	3123	*/
	3124	+#if FOSSIL_ENABLE_SSL
3124	3125	zCertFile = find_option("tls-cert-file",0,1);
3125	3126	if( find_option("tls",0,0)!=0 \|\| find_option("ssl",0,0)!=0 ){
3126	3127	zTls = 1;
3127	3128	}
3128		-
	3129	+#endif
3129	3130	if( find_option("localhost", 0, 0)!=0 ){
3130	3131	flags \|= HTTP_SERVER_LOCALHOST;
3131	3132	}
3132	3133	g.zCkoutAlias = find_option("ckout-alias",0,1);
3133	3134	g.zMainMenuFile = find_option("mainmenu",0,1);
		@@ -3193,11 +3194,13 @@
3193	3194	** We need call enable TLS / SSL here as we need query the
3194	3195	** repo database to access the certificate if its been loaded
3195	3196	**
3196	3197	** The database has only just been found and made available
3197	3198	*/
3198		- init_ssl_decoder(zCertFile, zTls);
	3199	+#if FOSSIL_ENABLE_SSL
	3200	+ init_ssl_decoder(zCertFile, zTls);
	3201	+#endif
3199	3202	if( find_option("https",0,0)!=0 \|\| g.httpUseSSL ){
3200	3203	cgi_replace_parameter("HTTPS","on");
3201	3204	}
3202	3205	if( g.httpUseSSL && (flags & HTTP_SERVER_SCGI)!=0 ){
3203	3206	fossil_fatal("SCGI does not (yet) support TLS-encrypted connections");
3204	3207

	--- src/main.c
	+++ src/main.c
	@@ -3119,15 +3119,16 @@
3119	** get tls / ssl options, the calls that use these options need
3120	** access to the repo database which has not been found yet.
3121	** we get and store them now, as find_option removes them from
3122	** argv
3123	*/

3124	zCertFile = find_option("tls-cert-file",0,1);
3125	if( find_option("tls",0,0)!=0 \|\| find_option("ssl",0,0)!=0 ){
3126	zTls = 1;
3127	}
3128
3129	if( find_option("localhost", 0, 0)!=0 ){
3130	flags \|= HTTP_SERVER_LOCALHOST;
3131	}
3132	g.zCkoutAlias = find_option("ckout-alias",0,1);
3133	g.zMainMenuFile = find_option("mainmenu",0,1);
	@@ -3193,11 +3194,13 @@
3193	** We need call enable TLS / SSL here as we need query the
3194	** repo database to access the certificate if its been loaded
3195	**
3196	** The database has only just been found and made available
3197	*/
3198	init_ssl_decoder(zCertFile, zTls);


3199	if( find_option("https",0,0)!=0 \|\| g.httpUseSSL ){
3200	cgi_replace_parameter("HTTPS","on");
3201	}
3202	if( g.httpUseSSL && (flags & HTTP_SERVER_SCGI)!=0 ){
3203	fossil_fatal("SCGI does not (yet) support TLS-encrypted connections");
3204

	--- src/main.c
	+++ src/main.c
	@@ -3119,15 +3119,16 @@
3119	** get tls / ssl options, the calls that use these options need
3120	** access to the repo database which has not been found yet.
3121	** we get and store them now, as find_option removes them from
3122	** argv
3123	*/
3124	#if FOSSIL_ENABLE_SSL
3125	zCertFile = find_option("tls-cert-file",0,1);
3126	if( find_option("tls",0,0)!=0 \|\| find_option("ssl",0,0)!=0 ){
3127	zTls = 1;
3128	}
3129	#endif
3130	if( find_option("localhost", 0, 0)!=0 ){
3131	flags \|= HTTP_SERVER_LOCALHOST;
3132	}
3133	g.zCkoutAlias = find_option("ckout-alias",0,1);
3134	g.zMainMenuFile = find_option("mainmenu",0,1);
	@@ -3193,11 +3194,13 @@
3194	** We need call enable TLS / SSL here as we need query the
3195	** repo database to access the certificate if its been loaded
3196	**
3197	** The database has only just been found and made available
3198	*/
3199	#if FOSSIL_ENABLE_SSL
3200	init_ssl_decoder(zCertFile, zTls);
3201	#endif
3202	if( find_option("https",0,0)!=0 \|\| g.httpUseSSL ){
3203	cgi_replace_parameter("HTTPS","on");
3204	}
3205	if( g.httpUseSSL && (flags & HTTP_SERVER_SCGI)!=0 ){
3206	fossil_fatal("SCGI does not (yet) support TLS-encrypted connections");
3207