Andrew Marlow, I executed zlib external to SSL which is fairly simple and allows greater control over, e.g., the zlib compression level parameter.
This post is about my attempts to discover why// Sending before SSL
the ssltest program does not use compression when -zlib
is given on the command line. My openSSL is version 0.9.7
and was built via the command './Configure shared zlib'.
I have proved that compression does not occur.
I proved it via trace statements in z_clib.c.
The trace is never executed. The performance is
the same whether or not -zlib is given on the command line.
#define ZLIB_PACKET_MIN 1000
#define MAX_PACKET_SIZE 16000
#define PACKET_SIZE 15000
// msg_state is the object carrying the packet to be sent.
// First two packet bytes contain the packet length as an unsigned short.
// Third packet byte (packet[2]) contains flags. One of those flags is compressed or not.
if (msg_state->packet_bytes > ZLIB_PACKET_MIN)
{
uLongf bufzip_size=(uLongf)(((float)msg_state->packet_bytes-3)*1.1+12.5);
char bufzip[(int)bufzip_size];
int zlib_rslt=0;
if ((zlib_rslt=compress2((Bytef*)bufzip, &bufzip_size,
(Bytef*)msg_state->packet+3,
(unsigned int)msg_state->packet_bytes-3,
icsa_config.zlib_compression_level))
!= Z_OK)
{
string err_msg = "Error assemble_std_packet - Unable to compress2 - ";
if (zlib_rslt == Z_ERRNO)
err_msg += "Z_ERRNO";
else if (zlib_rslt == Z_STREAM_ERROR)
err_msg += "Z_STREAM_ERROR";
else if (zlib_rslt == Z_DATA_ERROR)
err_msg += "Z_DATA_ERROR";
else if (zlib_rslt == Z_MEM_ERROR)
err_msg += "Z_MEM_ERROR";
else if (zlib_rslt == Z_BUF_ERROR)
err_msg += "Z_BUF_ERROR";
else if (zlib_rslt == Z_VERSION_ERROR)
err_msg += "Z_VERSION_ERROR";
else if (zlib_rslt == Z_STREAM_END)
err_msg += "Z_STREAM_END";
else if (zlib_rslt == Z_NEED_DICT)
err_msg += "Z_NEED_DICT";
else
err_msg += "unknown error - zlib_rslt=" + itostr(zlib_rslt);
icsa_log << err_msg << endl;
// Continue without modification of packet.
}
// Require at least 95% compression.
else if ( (float(bufzip_size) / float(msg_state->packet_bytes-3)) < 0.95)
{
msg_state->packet_bytes = bufzip_size+3;
msg_state->packet_type |= ZIPPED;
memcpy(msg_state->packet, &msg_state->packet_bytes, USHORT_SIZE);
memcpy(msg_state->packet+USHORT_SIZE, &msg_state->packet_type, 1);
memcpy(msg_state->packet+3, bufzip, bufzip_size);
}
}
// Receiving after SSL
if (packet_type & ZIPPED)
{
uLongf bufout_size = MAX_PACKET_SIZE;
char bufout[MAX_PACKET_SIZE];
int zlib_rslt=0;
if ((zlib_rslt=uncompress((Bytef *)bufout, &bufout_size,
(Bytef*)recv_skt->packet+3,
(unsigned int)recv_skt->packet_len-3))
!= Z_OK)
{
string err_msg = "Error decode_packet - Unable to uncompress - ";
if (zlib_rslt == Z_ERRNO)
err_msg += "Z_ERRNO";
else if (zlib_rslt == Z_STREAM_ERROR)
err_msg += "Z_STREAM_ERROR";
else if (zlib_rslt == Z_DATA_ERROR)
err_msg += "Z_DATA_ERROR";
else if (zlib_rslt == Z_MEM_ERROR)
err_msg += "Z_MEM_ERROR";
else if (zlib_rslt == Z_BUF_ERROR)
err_msg += "Z_BUF_ERROR";
else if (zlib_rslt == Z_VERSION_ERROR)
err_msg += "Z_VERSION_ERROR";
else if (zlib_rslt == Z_STREAM_END)
err_msg += "Z_STREAM_END";
else if (zlib_rslt == Z_NEED_DICT)
err_msg += "Z_NEED_DICT";
else
err_msg += "unknown error - zlib_rslt=" + itostr(zlib_rslt);
icsa_log << err_msg << endl;
return 0;
}
}
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
