--- loncom/lonnet/perl/lonnet.pm	2021/04/18 02:24:05	1.1448
+++ loncom/lonnet/perl/lonnet.pm	2021/04/29 17:45:23	1.1449
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.1448 2021/04/18 02:24:05 raeburn Exp $
+# $Id: lonnet.pm,v 1.1449 2021/04/29 17:45:23 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -2781,7 +2781,7 @@ sub get_domain_defaults {
         }
     }
     if (ref($domconfig{'wafproxy'}) eq 'HASH') {
-        foreach my $item ('ipheader','trusted','vpnint','vpnext') {
+        foreach my $item ('ipheader','trusted','vpnint','vpnext','sslopt') {
             if ($domconfig{'wafproxy'}{$item}) {
                 $domdefaults{'waf_'.$item} = $domconfig{'wafproxy'}{$item};
             }
@@ -14354,6 +14354,22 @@ sub uses_sts {
     return;
 }
 
+sub waf_allssl {
+    my ($host_name) = @_;
+    my $alias = &get_proxy_alias();
+    if ($host_name eq '') {
+        $host_name = $ENV{'SERVER_NAME'};
+    }
+    if (($host_name ne '') && ($alias eq $host_name)) {
+        my $serverhomedom = &host_domain($perlvar{'lonHostID'});
+        my %defdomdefaults = &get_domain_defaults($serverhomedom);
+        if ($defdomdefaults{'waf_sslopt'}) {
+            return $defdomdefaults{'waf_sslopt'};
+        }
+    }
+    return;
+}
+
 sub get_requestor_ip {
     my ($r,$nolookup,$noproxy) = @_;
     my $from_ip;
@@ -14422,6 +14438,7 @@ sub get_proxy_settings {
                        trusted  => $domdefaults{'waf_trusted'},
                        vpnint   => $domdefaults{'waf_vpnint'},
                        vpnext   => $domdefaults{'waf_vpnext'},
+                       sslopt   => $domdefaults{'waf_sslopt'},
                     };
     return $proxyinfo;
 }