On Sat, 2008-06-21 at 09:35 +0200, Johannes Berg wrote:
On Sat, 2008-06-21 at 09:28 +0200, Johannes Berg wrote:
I'm way behind the times. http://www.faqs.org/rfc/rfc3749.txt
Looking at OpenSSL code, I think the patch below will give 0.9.8 ability to support deflate compression. I'm not sure if I should include that to Dovecot though. At least not for v1.1. :)
diff -r 68a0be847980 src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Fri Jun 20 12:20:17 2008 +0300 +++ b/src/login-common/ssl-proxy-openssl.c Sat Jun 21 04:29:51 2008 +0300 @@ -719,6 +719,7 @@ ssl_clean_free); SSL_library_init(); SSL_load_error_strings(); + (void)SSL_COMP_get_compression_methods();
extdata_index = SSL_get_ex_new_index(0, dovecot, NULL, NULL, NULL);
Huh? As far as I can tell that will just return NULL and have no side effects because you haven't previously added compression methods with SSL_COMP_add_compression_method.
However, digging deeper, it appears that COMP_zlib _is_ actually "deflate", so adding
SSL_COMP_add_compression_method(COMP_zlib());
should do the trick. Apparently it's compatible to gnutls too (see http://www.ietf.org/IESG/Implementations/rfc-3749-implementations.txt)
At least OpenSSL 0.9.8[eg]'s SSL_COMP_get_compression_methods() adds all the compression methods on the first call. It doesn't return NULL with me.