m_ssl_openssl Add user-friendly config options for setting a few OpenSSL context...

diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index 518712c00d6621d958d6d7f0483a5a6e54de4e51..8a575466e4baf076b1c3bead1d7bce4553291125 100644 (file)
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -113,6 +113,20 @@ class ModuleSSLOpenSSL : public Module
        static void SetContextOptions(SSL_CTX* ctx, long defoptions, const std::string& ctxname, ConfigTag* tag)
        {
                long setoptions = tag->getInt(ctxname + "setoptions");
+               // User-friendly config options for setting context options
+#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
+               if (tag->getBool("cipherserverpref"))
+                       setoptions |= SSL_OP_CIPHER_SERVER_PREFERENCE;
+#endif
+#ifdef SSL_OP_NO_COMPRESSION
+               if (!tag->getBool("compression", true))
+                       setoptions |= SSL_OP_NO_COMPRESSION;
+#endif
+               if (!tag->getBool("sslv3", true))
+                       setoptions |= SSL_OP_NO_SSLv3;
+               if (!tag->getBool("tlsv1", true))
+                       setoptions |= SSL_OP_NO_TLSv1;
+
                long clearoptions = tag->getInt(ctxname + "clearoptions");
                ServerInstance->Logs->Log("m_ssl_openssl", DEBUG, "Setting OpenSSL %s context options, default: %ld set: %ld clear: %ld", ctxname.c_str(), defoptions, clearoptions, setoptions);