www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

If OPENSSL_NO_COMP is defined, omit merging the compression flag.

Browse Source 
Also make some code more compact, as suggested by kbrand.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1348656 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Stefan Fritsch
2012-06-10 20:21:38 +00:00
parent 6dd8ce1c33
commit 88d5d9dbb2
3 changed files with 18 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
modules/ssl/ssl_engine_config.c
View File

@@ -213,7 +213,9 @@ static SSLSrvConfigRec *ssl_config_server_new(apr_pool_t *p)
#ifdef HAVE_FIPS #ifdef HAVE_FIPS
sc->fips = UNSET; sc->fips = UNSET;
#endif #endif
#ifndef OPENSSL_NO_COMP
sc->compression = UNSET; sc->compression = UNSET;
#endif
modssl_ctx_init_proxy(sc, p); modssl_ctx_init_proxy(sc, p);
@@ -340,7 +342,9 @@ void *ssl_config_server_merge(apr_pool_t *p, void *basev, void *addv)
#ifdef HAVE_FIPS #ifdef HAVE_FIPS
cfgMergeBool(fips); cfgMergeBool(fips);
#endif #endif
#ifndef OPENSSL_NO_COMP
cfgMergeBool(compression); cfgMergeBool(compression);
#endif
modssl_ctx_cfg_merge_proxy(base->proxy, add->proxy, mrg->proxy); modssl_ctx_cfg_merge_proxy(base->proxy, add->proxy, mrg->proxy);
@@ -678,7 +682,7 @@ static const char *ssl_cmd_check_file(cmd_parms *parms,
const char *ssl_cmd_SSLCompression(cmd_parms *cmd, void *dcfg, int flag) const char *ssl_cmd_SSLCompression(cmd_parms *cmd, void *dcfg, int flag)
{ {
#if defined(SSL_OP_NO_COMPRESSION) || OPENSSL_VERSION_NUMBER >= 0x00908000L #if !defined(OPENSSL_NO_COMP)
SSLSrvConfigRec *sc = mySrvConfig(cmd->server); SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
#ifndef SSL_OP_NO_COMPRESSION #ifndef SSL_OP_NO_COMPRESSION
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY); const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);

12
modules/ssl/ssl_engine_init.c
View File

@@ -654,17 +654,15 @@ static void ssl_init_ctx_protocol(server_rec *s,
} }
#endif #endif
#ifndef OPENSSL_NO_COMP
if (sc->compression == FALSE) {
#ifdef SSL_OP_NO_COMPRESSION #ifdef SSL_OP_NO_COMPRESSION
/* OpenSSL >= 1.0 only */ /* OpenSSL >= 1.0 only */
if (sc->compression == FALSE) {
SSL_CTX_set_options(ctx, SSL_OP_NO_COMPRESSION); SSL_CTX_set_options(ctx, SSL_OP_NO_COMPRESSION);
}
#elif OPENSSL_VERSION_NUMBER >= 0x00908000L #elif OPENSSL_VERSION_NUMBER >= 0x00908000L
/* workaround for OpenSSL 0.9.8 */ sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
if (sc->compression == FALSE) { #endif
STACK_OF(SSL_COMP)* comp_methods;
comp_methods = SSL_COMP_get_compression_methods();
sk_SSL_COMP_zero(comp_methods);
} }
#endif #endif

7
modules/ssl/ssl_private.h
View File

@@ -185,6 +185,11 @@
#define HAVE_TLSV1_X #define HAVE_TLSV1_X
#endif #endif
#if !defined(OPENSSL_NO_COMP) && !defined(SSL_OP_NO_COMPRESSION) \
&& OPENSSL_VERSION_NUMBER < 0x00908000L
#define OPENSSL_NO_COMP
#endif
/* SRP support came in OpenSSL 1.0.1 */ /* SRP support came in OpenSSL 1.0.1 */
#ifndef OPENSSL_NO_SRP #ifndef OPENSSL_NO_SRP
#ifdef SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB #ifdef SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB
@@ -693,7 +698,9 @@ struct SSLSrvConfigRec {
#ifdef HAVE_FIPS #ifdef HAVE_FIPS
BOOL fips; BOOL fips;
#endif #endif
#ifndef OPENSSL_NO_COMP
BOOL compression; BOOL compression;
#endif
}; };
/** /**