summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAttila Molnar <attilamolnar@hush.com>2014-10-14 17:40:13 +0200
committerAttila Molnar <attilamolnar@hush.com>2014-10-14 17:40:13 +0200
commit566904ece4aa15cfc90a4452375b54b5daf3baf2 (patch)
treed18a975323c55454de8e047b8775fa45f6b7e401
parent856d1b422b286dd569a48dd538d3e720ee29fd5d (diff)
m_ssl_openssl Add user-friendly config options for setting a few OpenSSL context options
-rw-r--r--src/modules/extra/m_ssl_openssl.cpp14
1 files changed, 14 insertions, 0 deletions
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index 518712c00..8a575466e 100644
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -113,6 +113,20 @@ class ModuleSSLOpenSSL : public Module
static void SetContextOptions(SSL_CTX* ctx, long defoptions, const std::string& ctxname, ConfigTag* tag)
{
long setoptions = tag->getInt(ctxname + "setoptions");
+ // User-friendly config options for setting context options
+#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
+ if (tag->getBool("cipherserverpref"))
+ setoptions |= SSL_OP_CIPHER_SERVER_PREFERENCE;
+#endif
+#ifdef SSL_OP_NO_COMPRESSION
+ if (!tag->getBool("compression", true))
+ setoptions |= SSL_OP_NO_COMPRESSION;
+#endif
+ if (!tag->getBool("sslv3", true))
+ setoptions |= SSL_OP_NO_SSLv3;
+ if (!tag->getBool("tlsv1", true))
+ setoptions |= SSL_OP_NO_TLSv1;
+
long clearoptions = tag->getInt(ctxname + "clearoptions");
ServerInstance->Logs->Log("m_ssl_openssl", DEBUG, "Setting OpenSSL %s context options, default: %ld set: %ld clear: %ld", ctxname.c_str(), defoptions, clearoptions, setoptions);