arrfab / rpms / httpd

Forked from rpms/httpd 5 years ago
Clone

Blame SOURCES/httpd-2.4.6-r1556473.patch

706609
# ./pullrev.sh 1556473
706609
706609
https://bugzilla.redhat.com/show_bug.cgi?id=1036666
706609
706609
http://svn.apache.org/viewvc?view=revision&revision=1556473
706609
706609
--- httpd-2.4.6/modules/ssl/ssl_engine_config.c
706609
+++ httpd-2.4.6/modules/ssl/ssl_engine_config.c
706609
@@ -699,9 +699,20 @@
706609
 #ifndef SSL_OP_NO_COMPRESSION
706609
     const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
706609
     if (err)
706609
-        return "This version of openssl does not support configuring "
706609
-               "compression within <VirtualHost> sections.";
706609
+        return "This version of OpenSSL does not support enabling "
706609
+               "SSLCompression within <VirtualHost> sections.";
706609
 #endif
706609
+    if (flag) {
706609
+        /* Some (packaged) versions of OpenSSL do not support
706609
+         * compression by default.  Enabling this directive would not
706609
+         * have the desired effect, so fail with an error. */
706609
+        STACK_OF(SSL_COMP) *meths = SSL_COMP_get_compression_methods();
706609
+
706609
+        if (sk_SSL_COMP_num(meths) == 0) {
706609
+            return "This version of OpenSSL does not have any compression methods "
706609
+                "available, cannot enable SSLCompression.";
706609
+        }
706609
+    }
706609
     sc->compression = flag ? TRUE : FALSE;
706609
     return NULL;
706609
 #else