MirBSD manpage: SSL_COMP_add_compression_method(3)



     SSL_COMP_add_compression_method - handle SSL/TLS integrated
     compression methods


      #include <openssl/ssl.h>

      int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);


     SSL_COMP_add_compression_method() adds the compression
     method cm with the identifier id to the list of available
     compression methods. This list is globally maintained for
     all SSL operations within this application. It cannot be set
     for specific SSL_CTX or SSL objects.


     The TLS standard (or SSLv3) allows the integration of
     compression methods into the communication. The TLS RFC does
     however not specify compression methods or their correspond-
     ing identifiers, so there is currently no compatible way to
     integrate compression with unknown peers. It is therefore
     currently not recommended to integrate compression into
     applications. Applications for non-public use may agree on
     certain compression methods. Using different compression
     methods with the same identifier will lead to connection

     An OpenSSL client speaking a protocol that allows compres-
     sion (SSLv3, TLSv1) will unconditionally send the list of
     all compression methods enabled with
     SSL_COMP_add_compression_method() to the server during the
     handshake. Unlike the mechanisms to set a cipher list, there
     is no method available to restrict the list of compression
     method on a per connection basis.

     An OpenSSL server will match the identifiers listed by a
     client against its own compression methods and will uncondi-
     tionally activate compression when a matching identifier is
     found. There is no way to restrict the list of compression
     methods supported on a per connection basis.

     The OpenSSL library has the compression methods COMP_rle()
     and (when especially enabled during compilation) COMP_zlib()


     Once the identities of the compression methods for the TLS
     protocol have been standardized, the compression API will
     most likely be changed. Using it in the current state is not

MirBSD #10-current         2014-11-26                           1



     SSL_COMP_add_compression_method() may return the following

     0   The operation succeeded.

     1   The operation failed. Check the error queue to find out
         the reason.



MirBSD #10-current         2014-11-26                           2

Generated on 2022-12-24 01:00:14 by $MirOS: src/scripts/roff2htm,v 1.113 2022/12/21 23:14:31 tg Exp $ — This product includes material provided by mirabilos.

These manual pages and other documentation are copyrighted by their respective writers; their sources are available at the project’s CVSweb, AnonCVS and other mirrors. The rest is Copyright © 2002–2022 MirBSD.

This manual page’s HTML representation is supposed to be valid XHTML/1.1; if not, please send a bug report — diffs preferred.

Kontakt / Impressum & Datenschutzerklärung