Deprecate ssl_no_compression config option, its always on.

2014-08-05 13:07:32 +02:00 · 2014-08-05 13:07:32 +02:00 · 577462379d
parent 79a736fc16
commit 577462379d
11 changed files with 2 additions and 20 deletions
--- a/conf/kore.conf.example
+++ b/conf/kore.conf.example
@ -60,9 +60,6 @@ validator	v_session	function	v_session_validate
 # a generated DH key (See OpenSSL dhparam).
 #ssl_dhparam	dh2048.pem

-# Set this if you want to disable SSL zlib compression.
-ssl_no_compression
-
 # Specify the amount of seconds a SPDY connection is kept open.
 # You can keep it open indefinately by setting this to 0.
 #spdy_idle_time		120
--- a/examples/generic/conf/generic.conf
+++ b/examples/generic/conf/generic.conf
@ -10,8 +10,6 @@ validator	v_regex		regex		^/test/[a-z]*$
 validator	v_number	regex		^[0-9]*$
 validator	v_session	function	v_session_validate

-ssl_no_compression
-
 authentication auth_example {
 	authentication_type		cookie
 	authentication_value		session_id
--- a/examples/headers/conf/headers.conf
+++ b/examples/headers/conf/headers.conf
@ -2,7 +2,6 @@

 bind		127.0.0.1 8888
 pidfile		kore.pid
-ssl_no_compression
 load		./headers.so

 domain 127.0.0.1 {
--- a/examples/json_yajl/conf/json_yajl.conf
+++ b/examples/json_yajl/conf/json_yajl.conf
@ -2,7 +2,6 @@

 bind		127.0.0.1 8888
 pidfile		kore.pid
-ssl_no_compression
 load		./json_yajl.so

 domain 127.0.0.1 {
--- a/examples/parameters/conf/parameters.conf
+++ b/examples/parameters/conf/parameters.conf
@ -2,7 +2,6 @@

 bind		127.0.0.1 8888
 pidfile		kore.pid
-ssl_no_compression
 load		./parameters.so

 # The validator used to validate the 'id' parameter
--- a/examples/pgsql/conf/pgsql.conf
+++ b/examples/pgsql/conf/pgsql.conf
@ -2,8 +2,6 @@

 bind		127.0.0.1 8888
 pidfile		kore.pid
-
-ssl_no_compression
 load		./pgsql.so pgsql_load

 pgsql_conn_max		5
--- a/examples/tasks/conf/tasks.conf
+++ b/examples/tasks/conf/tasks.conf
@ -2,11 +2,8 @@

 bind		127.0.0.1 8888
 pidfile		kore.pid
-
 load		./tasks.so

-ssl_no_compression
-
 validator	v_user		regex		^[a-z]*$

 domain 127.0.0.1 {
--- a/includes/kore.h
+++ b/includes/kore.h
@ -310,7 +310,6 @@ extern char	*kore_pidfile;
 extern char	*config_file;
 extern char	*kore_ssl_cipher_list;
 extern DH	*ssl_dhparam;
-extern int	ssl_no_compression;

 extern u_int8_t			nlisteners;
 extern u_int64_t		spdy_idle_time;
--- a/src/cli.c
+++ b/src/cli.c
@ -157,7 +157,6 @@ static const char *config_data =
 	"\n"
 	"bind\t\t127.0.0.1 8888\n"
 	"pidfile\t\tkore.pid\n"
-	"ssl_no_compression\n"
 	"load\t\t./%s.so\n"
 	"\n"
 	"domain 127.0.0.1 {\n"
--- a/src/config.c
+++ b/src/config.c
@ -293,8 +293,7 @@ configure_ssl_dhparam(char **argv)
 static int
 configure_ssl_no_compression(char **argv)
 {
-	ssl_no_compression = 1;
-
+	printf("ssl_no_compression is deprecated, and always on by default\n");
 	return (KORE_RESULT_OK);
 }

--- a/src/domain.c
+++ b/src/domain.c
@ -21,7 +21,6 @@
 struct kore_domain_h		domains;
 struct kore_domain		*primary_dom = NULL;
 DH				*ssl_dhparam = NULL;
-int				ssl_no_compression = 0;

 void
 kore_domain_init(void)
@ -96,8 +95,7 @@ kore_domain_sslstart(struct kore_domain *dom)
 #endif
 	}

-	if (ssl_no_compression)
-		SSL_CTX_set_options(dom->ssl_ctx, SSL_OP_NO_COMPRESSION);
+	SSL_CTX_set_options(dom->ssl_ctx, SSL_OP_NO_COMPRESSION);

 	if (dom->cafile != NULL) {
 		if ((certs = SSL_load_client_CA_file(dom->cafile)) == NULL) {