[Dovecot] SSL + compression?
johannes at sipsolutions.net
Sat Jun 21 10:48:54 EEST 2008
On Sat, 2008-06-21 at 10:45 +0300, Timo Sirainen wrote:
> On Sat, 2008-06-21 at 09:35 +0200, Johannes Berg wrote:
> > On Sat, 2008-06-21 at 09:28 +0200, Johannes Berg wrote:
> > > > > I'm way behind the times.
> > > > > http://www.faqs.org/rfc/rfc3749.txt
> > > >
> > > > Looking at OpenSSL code, I think the patch below will give 0.9.8 ability
> > > > to support deflate compression. I'm not sure if I should include that to
> > > > Dovecot though. At least not for v1.1. :)
> > > >
> > > > diff -r 68a0be847980 src/login-common/ssl-proxy-openssl.c
> > > > --- a/src/login-common/ssl-proxy-openssl.c Fri Jun 20 12:20:17 2008 +0300
> > > > +++ b/src/login-common/ssl-proxy-openssl.c Sat Jun 21 04:29:51 2008 +0300
> > > > @@ -719,6 +719,7 @@
> > > > ssl_clean_free);
> > > > SSL_library_init();
> > > > SSL_load_error_strings();
> > > > + (void)SSL_COMP_get_compression_methods();
> > > >
> > > > extdata_index = SSL_get_ex_new_index(0, dovecot, NULL, NULL, NULL);
> > >
> > > Huh? As far as I can tell that will just return NULL and have no side
> > > effects because you haven't previously added compression methods
> > > with SSL_COMP_add_compression_method.
> At least OpenSSL 0.9.8[eg]'s SSL_COMP_get_compression_methods() adds
> all the compression methods on the first call. It doesn't return NULL
> with me.
Hmm, ok, I was looking at 0.9.7 code. Maybe they did change the API
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 836 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20080621/f71d6d9b/attachment.bin
More information about the dovecot