]> git.ipfire.org Git - thirdparty/dovecot/core.git/commitdiff
ssl: deprecate no_compression in ssl_options
authorMartti Rannanjärvi <martti.rannanjarvi@dovecot.fi>
Tue, 29 Nov 2016 07:38:21 +0000 (09:38 +0200)
committerMartti Rannanjärvi <martti.rannanjarvi@dovecot.fi>
Fri, 24 Mar 2017 13:31:29 +0000 (15:31 +0200)
Compression is now disabled by default.

doc/example-config/conf.d/10-ssl.conf
src/lib-master/master-service-ssl-settings.c

index f3006ff7c200a49afb674281441b86d9aeec63b3..a9a58e0938c964fde91829194faad5897947c181 100644 (file)
@@ -68,6 +68,6 @@ ssl_key = </etc/ssl/private/dovecot.pem
 #ssl_crypto_device =
 
 # SSL extra options. Currently supported options are:
-#   no_compression - Disable compression.
+#   compression - Enable compression.
 #   no_ticket - Disable SSL session tickets.
 #ssl_options =
index 1a3c4f7d8a39487ece420a894601588702a39ed6..2427938fe78f30f43517fe9198c489a6cd1f98a1 100644 (file)
@@ -115,15 +115,20 @@ master_service_ssl_settings_check(void *_set, pool_t pool ATTR_UNUSED,
 
        /* Now explode the ssl_options string into individual flags */
        /* First set them all to defaults */
-       set->parsed_opts.compression = TRUE;
+       set->parsed_opts.compression = FALSE;
        set->parsed_opts.tickets = TRUE;
 
        /* Then modify anything specified in the string */
        const char **opts = t_strsplit_spaces(set->ssl_options, ", ");
        const char *opt;
        while ((opt = *opts++) != NULL) {
-               if (strcasecmp(opt, "no_compression") == 0) {
-                       set->parsed_opts.compression = FALSE;
+               if (strcasecmp(opt, "compression") == 0) {
+                       set->parsed_opts.compression = TRUE;
+               } else if (strcasecmp(opt, "no_compression") == 0) {
+#ifdef CONFIG_BINARY
+                       i_warning("DEPRECATED: no_compression is default, "
+                                 "so it is redundant in ssl_options");
+#endif
                } else if (strcasecmp(opt, "no_ticket") == 0) {
                        set->parsed_opts.tickets = FALSE;
                } else {