[Dovecot] SSL + compression?
Johannes Berg
johannes at sipsolutions.net
Sat Jun 21 10:35:30 EEST 2008
On Sat, 2008-06-21 at 09:28 +0200, Johannes Berg wrote:
> > > I'm way behind the times.
> > > http://www.faqs.org/rfc/rfc3749.txt
> >
> > Looking at OpenSSL code, I think the patch below will give 0.9.8 ability
> > to support deflate compression. I'm not sure if I should include that to
> > Dovecot though. At least not for v1.1. :)
> >
> > diff -r 68a0be847980 src/login-common/ssl-proxy-openssl.c
> > --- a/src/login-common/ssl-proxy-openssl.c Fri Jun 20 12:20:17 2008 +0300
> > +++ b/src/login-common/ssl-proxy-openssl.c Sat Jun 21 04:29:51 2008 +0300
> > @@ -719,6 +719,7 @@
> > ssl_clean_free);
> > SSL_library_init();
> > SSL_load_error_strings();
> > + (void)SSL_COMP_get_compression_methods();
> >
> > extdata_index = SSL_get_ex_new_index(0, dovecot, NULL, NULL, NULL);
>
> Huh? As far as I can tell that will just return NULL and have no side
> effects because you haven't previously added compression methods
> with SSL_COMP_add_compression_method.
However, digging deeper, it appears that COMP_zlib _is_ actually
"deflate", so adding
SSL_COMP_add_compression_method(COMP_zlib());
should do the trick. Apparently it's compatible to gnutls too (see
http://www.ietf.org/IESG/Implementations/rfc-3749-implementations.txt)
johannes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20080621/b378bdfe/attachment.bin
More information about the dovecot
mailing list