From: Yann Ylavic <ylavic@apache.org>
Date: Tue, 26 Mar 2024 17:00:09 +0000 (+0000)
Subject: mod_ssl: Allow for "SSLCompression off" still when OPENSSL_NO_COMP.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=65087e1f446454f9499c47f59885495f92deaf71;p=thirdparty%2Fapache%2Fhttpd.git

mod_ssl: Allow for "SSLCompression off" still when OPENSSL_NO_COMP.

Latest OpenSSL versions have OPENSSL_NO_COMP by default, avoid breaking
existing "SSLCompression off" in configurations since it's a noop.

* modules/ssl/ssl_engine_config.c(ssl_cmd_SSLCompression):
  Don't fail for OPENSSL_NO_COMP if the flag is "off".



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1916561 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c
index efd293169b1..f68ef7e8008 100644
--- a/modules/ssl/ssl_engine_config.c
+++ b/modules/ssl/ssl_engine_config.c
@@ -951,10 +951,12 @@ const char *ssl_cmd_SSLCompression(cmd_parms *cmd, void *dcfg, int flag)
         }
     }
     sc->compression = flag ? TRUE : FALSE;
-    return NULL;
 #else
-    return "Setting Compression mode unsupported; not implemented by the SSL library";
+    if (flag) {
+        return "Setting Compression mode unsupported; not implemented by the SSL library";
+    }
 #endif
+    return NULL;
 }
 
 const char *ssl_cmd_SSLHonorCipherOrder(cmd_parms *cmd, void *dcfg, int flag)