[Dovecot] SSL + compression?

Johannes Berg johannes at sipsolutions.net
Sat Jun 21 10:54:01 EEST 2008


On Sat, 2008-06-21 at 10:50 +0300, Timo Sirainen wrote:
> On Sat, 2008-06-21 at 10:45 +0300, Timo Sirainen wrote:
> > > However, digging deeper, it appears that COMP_zlib _is_ actually
> > > "deflate", so adding
> > > 
> > > 	SSL_COMP_add_compression_method(COMP_zlib());
> > > 
> > > should do the trick. Apparently it's compatible to gnutls too (see
> > > http://www.ietf.org/IESG/Implementations/rfc-3749-implementations.txt)
> 
> Oh, and the reason why I didn't even suggest the above was because the
> following code (0.9.8e):
> 
> int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
> ..
> 	/* According to draft-ietf-tls-compression-04.txt, the
> 	   compression number ranges should be the following:
> 
> 	   0 to 63:    methods defined by the IETF
> 	   64 to 192:  external party methods assigned by IANA
> 	   193 to 255: reserved for private use */
> 	if (id < 193 || id > 255)
> 		{
> 		SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE);
> 		return 0;
> 		}
> 
> That makes it impossible to add standard compression methods..

Heh, yeah, obviously. Oh well. Apparently somebody was working on a
patch to have the standard compression methods added automatically, so I
suppose the best option might be to just wait for that (or see if it's
already done) and hope everybody else adds them too...

johannes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20080621/db2597e0/attachment-0001.bin 


More information about the dovecot mailing list