On Sun, Dec 30, 2012 at 11:06 AM, Dr. Stephen Henson <st...@openssl.org> wrote: > On Sat, Dec 29, 2012, Dr. Stephen Henson wrote: > >> On Fri, Dec 28, 2012, Jeffrey Walton wrote: >> >> > On Fri, Dec 28, 2012 at 3:23 PM, Michael Mueller <abaci....@gmail.com> >> > wrote: >> > > i was going to do this: >> > > >> > > SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION); >> > Yeah, it looks like that's the option. I would prefer to remove the >> > code paths all together though. >> > >> > If the code path does not exist, it cannot be executed. >> > >> >> Unless OpenSSL has been build with the zlib or zlib-dynamic option it wont >> use >> zlib. Since that's the only compression method standardised for SSL/TLS it >> effectively disables compression for SSL/TLS as a side effect as there are no >> compression methods available. >> > > Ugh, that'll teach me not to do a "make clean" first. Correction: > > If you use "no-comp" it will remove the compression library from OpenSSL > entirely but due to a bug (fix just committed) you'll get a linker error. Thanks Doctor.
Does OpenSSL have a web front-end on its version control system so I can copy/paste the relevant changes for the commit? I'm trying avoid moving too far away from 1.0.1c proper (May 10, 2012) since it advertised on the download page (http://www.openssl.org/source/). Jeff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
