MINOR: ssl: rename tune.ssl.ocsp-update.mode in ocsp-update.mode

Since the ocsp-update is not strictly a tuning of the SSL stack, but a
feature of its own, lets rename the option.

The option was also missing from the index.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index bc7cd7f0af7b91e73800b7039e91ca07ca47795f..621eb6bd1eb12f04343a07e42040458b2b16dd88 100644 (file)
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -1291,6 +1291,7 @@ The following keywords are supported in the "global" section :
    - node
    - numa-cpu-mapping
    - ocsp-update.httpproxy
+   - ocsp-update.mode
    - pidfile
    - pp2-never-send-local
    - presetenv
@@ -2170,11 +2171,19 @@ numa-cpu-mapping
   already specified, for example via the 'cpu-map' directive or the taskset
   utility.
 
+
 ocsp-update.httpproxy <address>[:port]
   Allow to use an HTTP proxy for the OCSP updates. This only works with HTTP,
   HTTPS is not supported. This option will allow the OCSP updater to send
   absolute URI in the request to the proxy.
 
+ocsp-update.mode [ on | off ]
+  Sets the default ocsp-update mode for all certificates used in the
+  configuration. This global option can be superseded by the crt-list
+  "ocsp-update" option. This option is set to "off" by default.
+  See option "ocsp-update" for more information about the auto update
+  mechanism.
+
 pidfile <pidfile>
   Writes PIDs of all daemons into file <pidfile> when daemon mode or writes PID
   of master process into file <pidfile> when master-worker mode. This option is
@@ -4025,15 +4034,6 @@ tune.ssl.ocsp-update.mindelay <number>
   "tune.ssl.ocsp-update.maxdelay". See option "ocsp-update" for more
   information about the auto update mechanism.
 
-tune.ssl.ocsp-update.mode [ on | off ]
-  Sets the default ocsp-update mode for all certificates used in the
-  configuration. This global option can be superseded by the crt-list
-  "ocsp-update" option but an error will be raised if a given certificate has
-  two distinct configurations simultaneously. This option is set to "off" by
-  default.
-  See option "ocsp-update" for more information about the auto update
-  mechanism.
-
 tune.stick-counters <number>
   Sets the number of stick-counters that may be tracked at the same time by a
   connection or a request via "track-sc*" actions in "tcp-request" or

diff --git a/src/ssl_ocsp.c b/src/ssl_ocsp.c
index fa1a6e7bc6e4442559dfaf03eb2d585f9b6e4dd4..8214fe6e18f0d718b4a2deec119ecad06c4c1173 100644 (file)
--- a/src/ssl_ocsp.c
+++ b/src/ssl_ocsp.c
@@ -2024,7 +2024,7 @@ static struct cfg_kw_list cfg_kws = {ILH, {
 #ifndef OPENSSL_NO_OCSP
        { CFG_GLOBAL, "tune.ssl.ocsp-update.maxdelay", ssl_parse_global_ocsp_maxdelay },
        { CFG_GLOBAL, "tune.ssl.ocsp-update.mindelay", ssl_parse_global_ocsp_mindelay },
-       { CFG_GLOBAL, "tune.ssl.ocsp-update.mode", ssl_parse_global_ocsp_update_mode },
+       { CFG_GLOBAL, "ocsp-update.mode", ssl_parse_global_ocsp_update_mode },
        { CFG_GLOBAL, "ocsp-update.httpproxy", ocsp_update_parse_global_http_proxy },
 #endif
        { 0, NULL, NULL },