commit 577462379ddb38a4bd1ed3840ad4252acd86961e
parent 79a736fc164f2781c6823641f9944a794cd2c3ad
Author: Joris Vink <joris@coders.se>
Date: Tue, 5 Aug 2014 13:07:32 +0200
Deprecate ssl_no_compression config option, its always on.
Diffstat:
11 files changed, 2 insertions(+), 20 deletions(-)
diff --git a/conf/kore.conf.example b/conf/kore.conf.example
@@ -60,9 +60,6 @@ validator v_session function v_session_validate
# a generated DH key (See OpenSSL dhparam).
#ssl_dhparam dh2048.pem
-# Set this if you want to disable SSL zlib compression.
-ssl_no_compression
-
# Specify the amount of seconds a SPDY connection is kept open.
# You can keep it open indefinately by setting this to 0.
#spdy_idle_time 120
diff --git a/examples/generic/conf/generic.conf b/examples/generic/conf/generic.conf
@@ -10,8 +10,6 @@ validator v_regex regex ^/test/[a-z]*$
validator v_number regex ^[0-9]*$
validator v_session function v_session_validate
-ssl_no_compression
-
authentication auth_example {
authentication_type cookie
authentication_value session_id
diff --git a/examples/headers/conf/headers.conf b/examples/headers/conf/headers.conf
@@ -2,7 +2,6 @@
bind 127.0.0.1 8888
pidfile kore.pid
-ssl_no_compression
load ./headers.so
domain 127.0.0.1 {
diff --git a/examples/json_yajl/conf/json_yajl.conf b/examples/json_yajl/conf/json_yajl.conf
@@ -2,7 +2,6 @@
bind 127.0.0.1 8888
pidfile kore.pid
-ssl_no_compression
load ./json_yajl.so
domain 127.0.0.1 {
diff --git a/examples/parameters/conf/parameters.conf b/examples/parameters/conf/parameters.conf
@@ -2,7 +2,6 @@
bind 127.0.0.1 8888
pidfile kore.pid
-ssl_no_compression
load ./parameters.so
# The validator used to validate the 'id' parameter
diff --git a/examples/pgsql/conf/pgsql.conf b/examples/pgsql/conf/pgsql.conf
@@ -2,8 +2,6 @@
bind 127.0.0.1 8888
pidfile kore.pid
-
-ssl_no_compression
load ./pgsql.so pgsql_load
pgsql_conn_max 5
diff --git a/examples/tasks/conf/tasks.conf b/examples/tasks/conf/tasks.conf
@@ -2,11 +2,8 @@
bind 127.0.0.1 8888
pidfile kore.pid
-
load ./tasks.so
-ssl_no_compression
-
validator v_user regex ^[a-z]*$
domain 127.0.0.1 {
diff --git a/includes/kore.h b/includes/kore.h
@@ -310,7 +310,6 @@ extern char *kore_pidfile;
extern char *config_file;
extern char *kore_ssl_cipher_list;
extern DH *ssl_dhparam;
-extern int ssl_no_compression;
extern u_int8_t nlisteners;
extern u_int64_t spdy_idle_time;
diff --git a/src/cli.c b/src/cli.c
@@ -157,7 +157,6 @@ static const char *config_data =
"\n"
"bind\t\t127.0.0.1 8888\n"
"pidfile\t\tkore.pid\n"
- "ssl_no_compression\n"
"load\t\t./%s.so\n"
"\n"
"domain 127.0.0.1 {\n"
diff --git a/src/config.c b/src/config.c
@@ -293,8 +293,7 @@ configure_ssl_dhparam(char **argv)
static int
configure_ssl_no_compression(char **argv)
{
- ssl_no_compression = 1;
-
+ printf("ssl_no_compression is deprecated, and always on by default\n");
return (KORE_RESULT_OK);
}
diff --git a/src/domain.c b/src/domain.c
@@ -21,7 +21,6 @@
struct kore_domain_h domains;
struct kore_domain *primary_dom = NULL;
DH *ssl_dhparam = NULL;
-int ssl_no_compression = 0;
void
kore_domain_init(void)
@@ -96,8 +95,7 @@ kore_domain_sslstart(struct kore_domain *dom)
#endif
}
- if (ssl_no_compression)
- SSL_CTX_set_options(dom->ssl_ctx, SSL_OP_NO_COMPRESSION);
+ SSL_CTX_set_options(dom->ssl_ctx, SSL_OP_NO_COMPRESSION);
if (dom->cafile != NULL) {
if ((certs = SSL_load_client_CA_file(dom->cafile)) == NULL) {
