[tor-commits] [tor/master] Stop poking SSL_CTX->comp_methods
nickm at torproject.org
nickm at torproject.org
Wed May 20 19:35:55 UTC 2015
commit f0a0568e7f77224dea9ecbc22ca159a12e75d4a9
Author: Nick Mathewson <nickm at torproject.org>
Date: Thu May 14 10:24:02 2015 -0400
Stop poking SSL_CTX->comp_methods
---
src/common/tortls.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 168fd56..e0265b4 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1365,12 +1365,17 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
SSL_CTX_set_options(result->ctx,
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
}
+#ifdef SSL_OP_NO_COMPRESSION
+ SSL_CTX_set_options(result->ctx, SSL_OP_NO_COMPRESSION);
+#endif
+#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0)
#ifndef OPENSSL_NO_COMP
/* Don't actually allow compression; it uses ram and time, but the data
* we transmit is all encrypted anyway. */
if (result->ctx->comp_methods)
result->ctx->comp_methods = NULL;
#endif
+#endif
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(result->ctx, SSL_MODE_RELEASE_BUFFERS);
#endif
More information about the tor-commits
mailing list