Only set SSL_OP_NO_COMPRESSION if supported

author Michael Friedrich <michael.friedrich@netways.de>

Mon, 25 Jan 2016 13:53:26 +0000 (14:53 +0100)

committer Gunnar Beutner <gunnar@beutner.name>

Tue, 23 Feb 2016 09:50:29 +0000 (10:50 +0100)
author Michael Friedrich <michael.friedrich@netways.de>
Mon, 25 Jan 2016 13:53:26 +0000 (14:53 +0100)
committer Gunnar Beutner <gunnar@beutner.name>
Tue, 23 Feb 2016 09:50:29 +0000 (10:50 +0100)
diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp

index e623053bdaf21ad00e78216f3638b2615058847f..cc6efe5890f671cce3a0adc0f871c2811384ccf9 100644 (file)
--- a/lib/base/tlsutility.cpp
+++ b/lib/base/tlsutility.cpp
@@ -85,7 +85,13 @@ boost::shared_ptr<SSL_CTX> MakeSSLContext(const String& pubkey, const String& pr
  
         boost::shared_ptr<SSL_CTX> sslContext = boost::shared_ptr<SSL_CTX>(SSL_CTX_new(SSLv23_method()), SSL_CTX_free);
  
-       SSL_CTX_set_options(sslContext.get(), SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION);
+       long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
+
+#ifdef SSL_OP_NO_COMPRESSION
+       flags |= SSL_OP_NO_COMPRESSION;
+#endif
+
+       SSL_CTX_set_options(sslContext.get(), flags);
  
         SSL_CTX_set_mode(sslContext.get(), SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
         SSL_CTX_set_session_id_context(sslContext.get(), (const unsigned char *)"Icinga 2", 8);
author	Michael Friedrich <michael.friedrich@netways.de>
	Mon, 25 Jan 2016 13:53:26 +0000 (14:53 +0100)
committer	Gunnar Beutner <gunnar@beutner.name>
	Tue, 23 Feb 2016 09:50:29 +0000 (10:50 +0100)