View | Details | Raw Unified | Return to bug 53219
Collapse All | Expand All

(-)modules/ssl/mod_ssl.c (+3 lines)
Lines 146-151 Link Here
146 
                "(`[+-][SSLv2|SSLv3|TLSv1] ...' - see manual)")
 146 
                "(`[+-][SSLv2|SSLv3|TLSv1] ...' - see manual)")
147 
    SSL_CMD_SRV(HonorCipherOrder, FLAG,
 147 
    SSL_CMD_SRV(HonorCipherOrder, FLAG,
148 
                "Use the server's cipher ordering preference")
 148 
                "Use the server's cipher ordering preference")
149 
    SSL_CMD_SRV(Compression, FLAG,
150 
                "Enable SSL level compression"
151 
                "(`on', `off')")
149 
    SSL_CMD_SRV(InsecureRenegotiation, FLAG,
 152 
    SSL_CMD_SRV(InsecureRenegotiation, FLAG,
150 
                "Enable support for insecure renegotiation")
 153 
                "Enable support for insecure renegotiation")
151 
    SSL_CMD_ALL(UserName, TAKE1,
 154 
    SSL_CMD_ALL(UserName, TAKE1,
(-)modules/ssl/ssl_engine_config.c (+13 lines)
Lines 178-183 Link Here
178 
#ifdef HAVE_FIPS
 178 
#ifdef HAVE_FIPS
179 
    sc->fips                   = UNSET;
 179 
    sc->fips                   = UNSET;
180 
#endif
 180 
#endif
181 
    sc->compression            = UNSET;
181 

          182
          

        

        

          182
          
    modssl_ctx_init_proxy(sc, p);

          183
          
    modssl_ctx_init_proxy(sc, p);

        

        

          183
          

          184
          

        

  

    
      
            Lines 275-280
          
      
      
        Link Here
      
    
  

        

          275
          
#ifdef HAVE_FIPS

          276
          
#ifdef HAVE_FIPS

        

        

          276
          
    cfgMergeBool(fips);

          277
          
    cfgMergeBool(fips);

        

        

          277
          
#endif

          278
          
#endif

        

            

              
              
              279
              
    cfgMergeBool(compression);

            

        

          278
          

          280
          

        

        

          279
          
    modssl_ctx_cfg_merge_proxy(base->proxy, add->proxy, mrg->proxy);

          281
          
    modssl_ctx_cfg_merge_proxy(base->proxy, add->proxy, mrg->proxy);

        

        

          280
          

          282
          

        

  

    
      
            Lines 708-713
          
      
      
        Link Here
      
    
  

        

          708
          

          710
          

        

        

          709
          
}

          711
          
}

        

        

          710
          

          712
          

        

            

              
              
              713
              
const char *ssl_cmd_SSLCompression(cmd_parms *cmd, void *dcfg, int flag)

            

            

              714
              
{

            

            

              715
              
#ifdef SSL_OP_NO_COMPRESSION

            

            

              716
              
    SSLSrvConfigRec *sc = mySrvConfig(cmd->server);

            

            

              717
              
    sc->compression = flag?TRUE:FALSE;

            

            

              718
              
    return NULL;

            

            

              719
              
#else

            

            

              720
              
    return "Setting Compression mode unsupported; not implemented by the SSL library";

            

            

              721
              
#endif

            

            

              722
              
}

            

            

              723
              

            

        

          711
          
const char *ssl_cmd_SSLHonorCipherOrder(cmd_parms *cmd, void *dcfg, int flag)

          724
          
const char *ssl_cmd_SSLHonorCipherOrder(cmd_parms *cmd, void *dcfg, int flag)

        

        

          712
          
{

          725
          
{

        

        

          713
          
#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE

          726
          
#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE

        



(-)modules/ssl/ssl_engine_init.c
      (+6 lines)




  

    
      
            Lines 505-510
          
      
      
        Link Here
      
    
  

        

          505
          
    }

          505
          
    }

        

        

          506
          
#endif

          506
          
#endif

        

        

          507
          

          507
          

        

            

              
              
              508
              
#ifdef SSL_OP_NO_COMPRESSION

            

            

              509
              
    if (sc->compression == FALSE) {

            

            

              510
              
        SSL_CTX_set_options(ctx, SSL_OP_NO_COMPRESSION);

            

            

              511
              
    }

            

            

              512
              
#endif

            

            

              513
              

            

        

          508
          
#ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION

          514
          
#ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION

        

        

          509
          
    if (sc->insecure_reneg == TRUE) {

          515
          
    if (sc->insecure_reneg == TRUE) {

        

        

          510
          
        SSL_CTX_set_options(ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);

          516
          
        SSL_CTX_set_options(ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);

        



(-)modules/ssl/ssl_private.h
      (+2 lines)




  

    
      
            Lines 486-491
          
      
      
        Link Here
      
    
  

        

          486
          
#ifdef HAVE_FIPS

          486
          
#ifdef HAVE_FIPS

        

        

          487
          
    BOOL             fips;

          487
          
    BOOL             fips;

        

        

          488
          
#endif

          488
          
#endif

        

            

              
              
              489
              
    BOOL             compression;

            

        

          489
          
};

          490
          
};

        

        

          490
          

          491
          

        

        

          491
          
/**

          492
          
/**

        

  

    
      
            Lines 542-547
          
      
      
        Link Here
      
    
  

        

          542
          
const char  *ssl_cmd_SSLCARevocationPath(cmd_parms *, void *, const char *);

          543
          
const char  *ssl_cmd_SSLCARevocationPath(cmd_parms *, void *, const char *);

        

        

          543
          
const char  *ssl_cmd_SSLCARevocationFile(cmd_parms *, void *, const char *);

          544
          
const char  *ssl_cmd_SSLCARevocationFile(cmd_parms *, void *, const char *);

        

        

          544
          
const char  *ssl_cmd_SSLHonorCipherOrder(cmd_parms *cmd, void *dcfg, int flag);

          545
          
const char  *ssl_cmd_SSLHonorCipherOrder(cmd_parms *cmd, void *dcfg, int flag);

        

            

              
              
              546
              
const char  *ssl_cmd_SSLCompression(cmd_parms *, void *, int flag);

            

        

          545
          
const char  *ssl_cmd_SSLVerifyClient(cmd_parms *, void *, const char *);

          547
          
const char  *ssl_cmd_SSLVerifyClient(cmd_parms *, void *, const char *);

        

        

          546
          
const char  *ssl_cmd_SSLVerifyDepth(cmd_parms *, void *, const char *);

          548
          
const char  *ssl_cmd_SSLVerifyDepth(cmd_parms *, void *, const char *);

        

        

          547
          
const char  *ssl_cmd_SSLSessionCache(cmd_parms *, void *, const char *);

          549
          
const char  *ssl_cmd_SSLSessionCache(cmd_parms *, void *, const char *);

        






  

  Return to bug 53219