[icinga-checkins] icinga.org: icinga2/master: Revert " Only set SSL_OP_NO_COMPRESSION if supported"

git at icinga.org git at icinga.org
Wed May 25 15:10:49 CEST 2016


Module: icinga2
Branch: master
Commit: 732fdbdfa92d7f77bc3a02f0c763fdd786604608
URL:    https://git.icinga.org/?p=icinga2.git;a=commit;h=732fdbdfa92d7f77bc3a02f0c763fdd786604608

Author: Michael Friedrich <michael.friedrich at netways.de>
Date:   Wed May 25 15:08:57 2016 +0200

Revert "Only set SSL_OP_NO_COMPRESSION if supported"

This reverts commit d1cc56bbaa95ccbe83fd3ee46a2ea7a84f60a3c9.

---

 lib/base/tlsutility.cpp |    8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp
index df373ba..4a18e33 100644
--- a/lib/base/tlsutility.cpp
+++ b/lib/base/tlsutility.cpp
@@ -85,13 +85,7 @@ boost::shared_ptr<SSL_CTX> MakeSSLContext(const String& pubkey, const String& pr
 
 	boost::shared_ptr<SSL_CTX> sslContext = boost::shared_ptr<SSL_CTX>(SSL_CTX_new(SSLv23_method()), SSL_CTX_free);
 
-	long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
-
-#ifdef SSL_OP_NO_COMPRESSION
-	flags |= SSL_OP_NO_COMPRESSION;
-#endif
-
-	SSL_CTX_set_options(sslContext.get(), flags);
+	SSL_CTX_set_options(sslContext.get(), SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION);
 
 	SSL_CTX_set_mode(sslContext.get(), SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
 	SSL_CTX_set_session_id_context(sslContext.get(), (const unsigned char *)"Icinga 2", 8);



More information about the icinga-checkins mailing list