arrfab / rpms / httpd

Forked from rpms/httpd 5 years ago
Clone
Blob Blame History Raw
# ./pullrev.sh 1556473

https://bugzilla.redhat.com/show_bug.cgi?id=1036666

http://svn.apache.org/viewvc?view=revision&revision=1556473

--- httpd-2.4.6/modules/ssl/ssl_engine_config.c
+++ httpd-2.4.6/modules/ssl/ssl_engine_config.c
@@ -699,9 +699,20 @@
 #ifndef SSL_OP_NO_COMPRESSION
     const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
     if (err)
-        return "This version of openssl does not support configuring "
-               "compression within <VirtualHost> sections.";
+        return "This version of OpenSSL does not support enabling "
+               "SSLCompression within <VirtualHost> sections.";
 #endif
+    if (flag) {
+        /* Some (packaged) versions of OpenSSL do not support
+         * compression by default.  Enabling this directive would not
+         * have the desired effect, so fail with an error. */
+        STACK_OF(SSL_COMP) *meths = SSL_COMP_get_compression_methods();
+
+        if (sk_SSL_COMP_num(meths) == 0) {
+            return "This version of OpenSSL does not have any compression methods "
+                "available, cannot enable SSLCompression.";
+        }
+    }
     sc->compression = flag ? TRUE : FALSE;
     return NULL;
 #else