Stop poking SSL_CTX->comp_methods

author Nick Mathewson <nickm@torproject.org>

Thu, 14 May 2015 14:24:02 +0000 (10:24 -0400)

committer Nick Mathewson <nickm@torproject.org>

Wed, 20 May 2015 19:27:36 +0000 (15:27 -0400)
author Nick Mathewson <nickm@torproject.org>
Thu, 14 May 2015 14:24:02 +0000 (10:24 -0400)
committer Nick Mathewson <nickm@torproject.org>
Wed, 20 May 2015 19:27:36 +0000 (15:27 -0400)
diff --git a/src/common/tortls.c b/src/common/tortls.c

index 168fd56167adc669539caa242388da96ac75c4c1..e0265b493943fe4fa34509ef1a355a68b8bb47b2 100644 (file)
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1365,12 +1365,17 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
      SSL_CTX_set_options(result->ctx,
                          SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
    }
+#ifdef SSL_OP_NO_COMPRESSION
+  SSL_CTX_set_options(result->ctx, SSL_OP_NO_COMPRESSION);
+#endif
+#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0)
  #ifndef OPENSSL_NO_COMP
    /* Don't actually allow compression; it uses ram and time, but the data
     * we transmit is all encrypted anyway. */
    if (result->ctx->comp_methods)
      result->ctx->comp_methods = NULL;
  #endif
+#endif
  #ifdef SSL_MODE_RELEASE_BUFFERS
    SSL_CTX_set_mode(result->ctx, SSL_MODE_RELEASE_BUFFERS);
  #endif
author	Nick Mathewson <nickm@torproject.org>
	Thu, 14 May 2015 14:24:02 +0000 (10:24 -0400)
committer	Nick Mathewson <nickm@torproject.org>
	Wed, 20 May 2015 19:27:36 +0000 (15:27 -0400)