disable softfail by default (in line with documentation)

author Matthew Newton <mcn4@leicester.ac.uk>

Mon, 10 Nov 2014 23:39:09 +0000 (23:39 +0000)

committer Matthew Newton <mcn4@leicester.ac.uk>

Mon, 10 Nov 2014 23:39:09 +0000 (23:39 +0000)
author Matthew Newton <mcn4@leicester.ac.uk>
Mon, 10 Nov 2014 23:39:09 +0000 (23:39 +0000)
committer Matthew Newton <mcn4@leicester.ac.uk>
Mon, 10 Nov 2014 23:39:09 +0000 (23:39 +0000)
diff --git a/src/main/tls.c b/src/main/tls.c

index 8055088..d5a0f5a 100644 (file)
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -917,7 +917,7 @@ static CONF_PARSER ocsp_config[] = {
         { "url", FR_CONF_OFFSET(PW_TYPE_STRING, fr_tls_server_conf_t, ocsp_url), NULL },
         { "use_nonce", FR_CONF_OFFSET(PW_TYPE_BOOLEAN, fr_tls_server_conf_t, ocsp_use_nonce), "yes" },
         { "timeout", FR_CONF_OFFSET(PW_TYPE_INTEGER, fr_tls_server_conf_t, ocsp_timeout), "yes" },
-       { "softfail", FR_CONF_OFFSET(PW_TYPE_BOOLEAN, fr_tls_server_conf_t, ocsp_softfail), "yes" },
+       { "softfail", FR_CONF_OFFSET(PW_TYPE_BOOLEAN, fr_tls_server_conf_t, ocsp_softfail), "no" },
         { NULL, -1, 0, NULL, NULL }        /* end the list */
  };
  #endif
author	Matthew Newton <mcn4@leicester.ac.uk>
	Mon, 10 Nov 2014 23:39:09 +0000 (23:39 +0000)
committer	Matthew Newton <mcn4@leicester.ac.uk>
	Mon, 10 Nov 2014 23:39:09 +0000 (23:39 +0000)