Add new directive SSLCompression to disable SSL-level compression.

PR: 53219
Submitted by: Björn Jacke <bjoern j3e de>, Stefan Fritsch


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1345319 13f79535-47bb-0310-9956-ffa450edef68

modules/ssl/ssl_engine_config.c

@@ -207,6 +207,7 @@ static SSLSrvConfigRec *ssl_config_server_new(apr_pool_t *p)
 #ifdef HAVE_FIPS
     sc->fips                   = UNSET;
 #endif
+    sc->compression            = UNSET;
 
     modssl_ctx_init_proxy(sc, p);
 
@@ -328,6 +329,7 @@ void *ssl_config_server_merge(apr_pool_t *p, void *basev, void *addv)
 #ifdef HAVE_FIPS
     cfgMergeBool(fips);
 #endif
+    cfgMergeBool(compression);
 
     modssl_ctx_cfg_merge_proxy(base->proxy, add->proxy, mrg->proxy);
 
@@ -663,6 +665,23 @@ static const char *ssl_cmd_check_file(cmd_parms *parms,
 
 }
 
+const char *ssl_cmd_SSLCompression(cmd_parms *cmd, void *dcfg, int flag)
+{
+#if defined(SSL_OP_NO_COMPRESSION) || OPENSSL_VERSION_NUMBER >= 0x00908000L
+    SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
+#ifndef SSL_OP_NO_COMPRESSION
+    const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+    if (err)
+        return "This version of openssl does not support configuring "
+               "compression within <VirtualHost> sections.";
+#endif
+    sc->compression = flag ? TRUE : FALSE;
+    return NULL;
+#else
+    return "Setting Compression mode unsupported; not implemented by the SSL library";
+#endif
+}
+
 const char *ssl_cmd_SSLHonorCipherOrder(cmd_parms *cmd, void *dcfg, int flag)
 {
 #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE