diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2016-06-20 20:09:16 +0100 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2016-06-20 20:09:16 +0100 |
| commit | afb80e7bad35c2ae6d7d7f16b99a75b349b8a5ae (patch) | |
| tree | e000c0edae1f86339cd40718d22c7899648d0ca6 | |
| parent | fd4b04ee901c78b8831681df36603e459bfe0f81 (diff) | |
| download | rspamd-afb80e7bad35c2ae6d7d7f16b99a75b349b8a5ae.tar.gz rspamd-afb80e7bad35c2ae6d7d7f16b99a75b349b8a5ae.zip | |
[Fix] Add workaround for ancient openssl
| -rw-r--r-- | src/libutil/util.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/libutil/util.c b/src/libutil/util.c index 0edbb7c61..cf6101e4d 100644 --- a/src/libutil/util.c +++ b/src/libutil/util.c @@ -1977,6 +1977,7 @@ rspamd_init_libs (void) struct rlimit rlim; struct rspamd_external_libs_ctx *ctx; struct ottery_config *ottery_cfg; + gint ssl_options; ctx = g_slice_alloc0 (sizeof (*ctx)); ctx->crypto_ctx = rspamd_cryptobox_init (); @@ -2042,7 +2043,15 @@ rspamd_init_libs (void) ctx->ssl_ctx = SSL_CTX_new (SSLv23_method ()); SSL_CTX_set_verify (ctx->ssl_ctx, SSL_VERIFY_PEER, NULL); SSL_CTX_set_verify_depth (ctx->ssl_ctx, 4); - SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_COMPRESSION); + ssl_options = SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3; + +#ifdef SSL_OP_NO_COMPRESSION + ssl_options |= SSL_OP_NO_COMPRESSION; +#elif OPENSSL_VERSION_NUMBER >= 0x00908000L + sk_SSL_COMP_zero (SSL_COMP_get_compression_methods ()); +#endif + + SSL_CTX_set_options (ctx->ssl_ctx, ssl_options); #endif g_random_set_seed (ottery_rand_uint32 ()); |