On Sat, 2008-06-21 at 09:35 +0200, Johannes Berg wrote: > On Sat, 2008-06-21 at 09:28 +0200, Johannes Berg wrote: > > > > I'm way behind the times. > > > > http://www.faqs.org/rfc/rfc3749.txt > > > > > > Looking at OpenSSL code, I think the patch below will give 0.9.8 ability > > > to support deflate compression. I'm not sure if I should include that to > > > Dovecot though. At least not for v1.1. :) > > > > > > diff -r 68a0be847980 src/login-common/ssl-proxy-openssl.c > > > --- a/src/login-common/ssl-proxy-openssl.c Fri Jun 20 12:20:17 2008 > > > +0300 > > > +++ b/src/login-common/ssl-proxy-openssl.c Sat Jun 21 04:29:51 2008 > > > +0300 > > > @@ -719,6 +719,7 @@ > > > ssl_clean_free); > > > SSL_library_init(); > > > SSL_load_error_strings(); > > > + (void)SSL_COMP_get_compression_methods(); > > > > > > extdata_index = SSL_get_ex_new_index(0, dovecot, NULL, NULL, > > > NULL); > > > > Huh? As far as I can tell that will just return NULL and have no side > > effects because you haven't previously added compression methods > > with SSL_COMP_add_compression_method. > > However, digging deeper, it appears that COMP_zlib _is_ actually > "deflate", so adding > > SSL_COMP_add_compression_method(COMP_zlib()); > > should do the trick. Apparently it's compatible to gnutls too (see > http://www.ietf.org/IESG/Implementations/rfc-3749-implementations.txt)
At least OpenSSL 0.9.8[eg]'s SSL_COMP_get_compression_methods() adds all the compression methods on the first call. It doesn't return NULL with me.
signature.asc
Description: This is a digitally signed message part
