In your client app are you setting the options on the SSL_CTX *before* you call SSL_new()?
.................................... Erik Tkal Juniper OAC/UAC/Pulse Development From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Sebastian Raymond Sent: Tuesday, July 31, 2012 4:18 PM To: openssl-users@openssl.org Subject: Re: SSL compression Its not yet clear for me. What should be done to disable the compression? Since, the server is not going to be the openssl s_server. On Tue, Jul 31, 2012 at 7:35 PM, Sebastian Raymond <ray.s...@gmail.com<mailto:ray.s...@gmail.com>> wrote: Hello, I have tried following: 1. $openssl s_server -accept 443 -cert server.crt -key server.key Result-> Client offered deflate compression and server selected compression method. 2. $openssl s_server -accept 443 -cert server.crt -key server.key -no_comp Result-> Client offered deflate compression and this time, server selected null method. On Tue, Jul 31, 2012 at 7:16 PM, Dr. Stephen Henson <st...@openssl.org<mailto:st...@openssl.org>> wrote: On Tue, Jul 31, 2012, Sebastian Raymond wrote: > Hello, > > I have written a SSL client program to talk with SSL server. > > I have a linux machine and Openssl 1.0.0e is installed with zlib enabled. > That means, deflate compression method is supported. > > I want to transfer the data without compression. Therefore, I used > following to disable the compression. > > SSL_CTX_set_options(ctx, SSL_OP_NO_COMPRESSION); > > Where ctx is SSL_CTX object. > > When I inspect the traffic in Wireshark, I still see that my client program > is offering deflate compression method and server is replying with server > hello that chooses deflate as compression. > What happens if you try this with the s_server utility and the -no_comp command line option? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org<mailto:openssl-users@openssl.org> Automated List Manager majord...@openssl.org<mailto:majord...@openssl.org> -- Regards, Sebastian -- Regards, Sebastian
