diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/ejabberd_c2s.erl | 6 | ||||
| -rw-r--r-- | src/ejabberd_http.erl | 6 | ||||
| -rw-r--r-- | src/ejabberd_s2s_in.erl | 16 | ||||
| -rw-r--r-- | src/ejabberd_s2s_out.erl | 10 |
4 files changed, 33 insertions, 5 deletions
diff --git a/src/ejabberd_c2s.erl b/src/ejabberd_c2s.erl index c7038e6b2..5e50d9bf9 100644 --- a/src/ejabberd_c2s.erl +++ b/src/ejabberd_c2s.erl @@ -244,7 +244,11 @@ init([{SockMod, Socket}, Opts]) -> (_) -> false end, Opts), - TLSOpts = [verify_none | TLSOpts1], + TLSOpts2 = case proplists:get_bool(tls_compression, Opts) of + false -> [compression_none | TLSOpts1]; + true -> TLSOpts1 + end, + TLSOpts = [verify_none | TLSOpts2], IP = peerip(SockMod, Socket), %% Check if IP is blacklisted: case is_ip_blacklisted(IP) of diff --git a/src/ejabberd_http.erl b/src/ejabberd_http.erl index 0af7adc37..899d50eb3 100644 --- a/src/ejabberd_http.erl +++ b/src/ejabberd_http.erl @@ -96,7 +96,11 @@ init({SockMod, Socket}, Opts) -> (_) -> false end, Opts), - TLSOpts = [verify_none | TLSOpts1], + TLSOpts2 = case proplists:get_bool(tls_compression, Opts) of + false -> [compression_none | TLSOpts1]; + true -> TLSOpts1 + end, + TLSOpts = [verify_none | TLSOpts2], {SockMod1, Socket1} = if TLSEnabled -> inet:setopts(Socket, [{recbuf, 8192}]), {ok, TLSSocket} = p1_tls:tcp_to_tls(Socket, diff --git a/src/ejabberd_s2s_in.erl b/src/ejabberd_s2s_in.erl index 1e8cbee78..7692614ea 100644 --- a/src/ejabberd_s2s_in.erl +++ b/src/ejabberd_s2s_in.erl @@ -171,12 +171,16 @@ init([{SockMod, Socket}, Opts]) -> required_trusted -> {true, true, true} end, - TLSOpts = case ejabberd_config:get_local_option( + TLSOpts1 = case ejabberd_config:get_local_option( s2s_certfile, fun iolist_to_binary/1) of undefined -> []; CertFile -> [{certfile, CertFile}] end, + TLSOpts = case proplists:get_bool(tls_compression, Opts) of + false -> [compression_none | TLSOpts1]; + true -> TLSOpts1 + end, Timer = erlang:start_timer(?S2STIMEOUT, self(), []), {ok, wait_for_stream, #state{socket = Socket, sockmod = SockMod, @@ -319,7 +323,7 @@ wait_for_feature_request({xmlstreamelement, El}, SockMod == gen_tcp -> ?DEBUG("starttls", []), Socket = StateData#state.socket, - TLSOpts = case + TLSOpts1 = case ejabberd_config:get_local_option( {domain_certfile, StateData#state.server}, fun iolist_to_binary/1) of @@ -328,6 +332,14 @@ wait_for_feature_request({xmlstreamelement, El}, [{certfile, CertFile} | lists:keydelete(certfile, 1, StateData#state.tls_options)] end, + TLSOpts = case ejabberd_config:get_local_option( + {s2s_tls_compression, StateData#state.server}, + fun(true) -> true; + (false) -> false + end, true) of + true -> lists:delete(compression_none, TLSOpts1); + false -> [compression_none | TLSOpts1] + end, TLSSocket = (StateData#state.sockmod):starttls(Socket, TLSOpts, xml:element_to_binary(#xmlel{name diff --git a/src/ejabberd_s2s_out.erl b/src/ejabberd_s2s_out.erl index 9829b621d..1aaaa9998 100644 --- a/src/ejabberd_s2s_out.erl +++ b/src/ejabberd_s2s_out.erl @@ -183,13 +183,21 @@ init([From, Server, Type]) -> {true, true} end, UseV10 = TLS, - TLSOpts = case + TLSOpts1 = case ejabberd_config:get_local_option( s2s_certfile, fun iolist_to_binary/1) of undefined -> [connect]; CertFile -> [{certfile, CertFile}, connect] end, + TLSOpts = case ejabberd_config:get_local_option( + {s2s_tls_compression, From}, + fun(true) -> true; + (false) -> false + end, true) of + false -> [compression_none | TLSOpts1]; + true -> TLSOpts1 + end, {New, Verify} = case Type of {new, Key} -> {Key, false}; {verify, Pid, Key, SID} -> |