[Dovecot] SSL + compression?

Timo Sirainen tss at iki.fi
Sat Jun 21 10:50:25 EEST 2008


On Sat, 2008-06-21 at 10:45 +0300, Timo Sirainen wrote:
> > However, digging deeper, it appears that COMP_zlib _is_ actually
> > "deflate", so adding
> > 
> > 	SSL_COMP_add_compression_method(COMP_zlib());
> > 
> > should do the trick. Apparently it's compatible to gnutls too (see
> > http://www.ietf.org/IESG/Implementations/rfc-3749-implementations.txt)

Oh, and the reason why I didn't even suggest the above was because the
following code (0.9.8e):

int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
..
	/* According to draft-ietf-tls-compression-04.txt, the
	   compression number ranges should be the following:

	   0 to 63:    methods defined by the IETF
	   64 to 192:  external party methods assigned by IANA
	   193 to 255: reserved for private use */
	if (id < 193 || id > 255)
		{
		SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE);
		return 0;
		}

That makes it impossible to add standard compression methods..

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20080621/d59d3475/attachment.bin 


More information about the dovecot mailing list