summaryrefslogtreecommitdiff
path: root/modules/ssl/ssl_engine_config.c
diff options
context:
space:
mode:
Diffstat (limited to 'modules/ssl/ssl_engine_config.c')
-rw-r--r--modules/ssl/ssl_engine_config.c23
1 files changed, 23 insertions, 0 deletions
diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c
index 6aab7641..15993f16 100644
--- a/modules/ssl/ssl_engine_config.c
+++ b/modules/ssl/ssl_engine_config.c
@@ -207,6 +207,9 @@ static SSLSrvConfigRec *ssl_config_server_new(apr_pool_t *p)
#ifdef HAVE_FIPS
sc->fips = UNSET;
#endif
+#ifndef OPENSSL_NO_COMP
+ sc->compression = UNSET;
+#endif
modssl_ctx_init_proxy(sc, p);
@@ -328,6 +331,9 @@ void *ssl_config_server_merge(apr_pool_t *p, void *basev, void *addv)
#ifdef HAVE_FIPS
cfgMergeBool(fips);
#endif
+#ifndef OPENSSL_NO_COMP
+ cfgMergeBool(compression);
+#endif
modssl_ctx_cfg_merge_proxy(base->proxy, add->proxy, mrg->proxy);
@@ -663,6 +669,23 @@ static const char *ssl_cmd_check_file(cmd_parms *parms,
}
+const char *ssl_cmd_SSLCompression(cmd_parms *cmd, void *dcfg, int flag)
+{
+#if !defined(OPENSSL_NO_COMP)
+ SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
+#ifndef SSL_OP_NO_COMPRESSION
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+ if (err)
+ return "This version of openssl does not support configuring "
+ "compression within <VirtualHost> sections.";
+#endif
+ sc->compression = flag ? TRUE : FALSE;
+ return NULL;
+#else
+ return "Setting Compression mode unsupported; not implemented by the SSL library";
+#endif
+}
+
const char *ssl_cmd_SSLHonorCipherOrder(cmd_parms *cmd, void *dcfg, int flag)
{
#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-15 09:35:44 +0000