From 14ba90fc936b836133b91355b3a0e38b5a4df621 Mon Sep 17 00:00:00 2001
From: Marvin Scholz <epirat07@gmail.com>
Date: Sat, 20 Apr 2019 19:51:02 +0200
Subject: [PATCH] Cleanup: Simplify adding SSL_OP_NO_COMPRESSION

---
 src/tls.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/tls.c b/src/tls.c
index da4fa8f7..b2a6f364 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -81,12 +81,12 @@ tls_ctx_t *tls_ctx_new(const char *cert_file, const char *key_file, const char *
     ctx->ctx = SSL_CTX_new(SSLv23_server_method());
 
     ssl_opts = SSL_CTX_get_options(ctx->ctx);
+    ssl_opts |= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3; // Disable SSLv2 and SSLv3
 #ifdef SSL_OP_NO_COMPRESSION
-    SSL_CTX_set_options(ctx->ctx, ssl_opts|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_COMPRESSION);
-#else
-    SSL_CTX_set_options(ctx->ctx, ssl_opts|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3);
+    ssl_opts |= SSL_OP_NO_COMPRESSION;             // Never use compression
 #endif
 
+    SSL_CTX_set_options(ctx->ctx, ssl_opts);
     do {
         if (SSL_CTX_use_certificate_chain_file(ctx->ctx, cert_file) <= 0) {
             ICECAST_LOG_WARN("Invalid cert file %s", cert_file);