[Dovecot] SSL + compression?
Johannes Berg
johannes at sipsolutions.net
Sat Jun 21 10:54:01 EEST 2008
On Sat, 2008-06-21 at 10:50 +0300, Timo Sirainen wrote:
> On Sat, 2008-06-21 at 10:45 +0300, Timo Sirainen wrote:
> > > However, digging deeper, it appears that COMP_zlib _is_ actually
> > > "deflate", so adding
> > >
> > > SSL_COMP_add_compression_method(COMP_zlib());
> > >
> > > should do the trick. Apparently it's compatible to gnutls too (see
> > > http://www.ietf.org/IESG/Implementations/rfc-3749-implementations.txt)
>
> Oh, and the reason why I didn't even suggest the above was because the
> following code (0.9.8e):
>
> int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
> ..
> /* According to draft-ietf-tls-compression-04.txt, the
> compression number ranges should be the following:
>
> 0 to 63: methods defined by the IETF
> 64 to 192: external party methods assigned by IANA
> 193 to 255: reserved for private use */
> if (id < 193 || id > 255)
> {
> SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE);
> return 0;
> }
>
> That makes it impossible to add standard compression methods..
Heh, yeah, obviously. Oh well. Apparently somebody was working on a
patch to have the standard compression methods added automatically, so I
suppose the best option might be to just wait for that (or see if it's
already done) and hope everybody else adds them too...
johannes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20080621/db2597e0/attachment-0001.bin
More information about the dovecot
mailing list