/usr/man/cat.3/SSL_COMP_free_compression_methods.3(/usr/man/cat.3/SSL_COMP_free_compression_methods.3)
SSL_COMP_add_compression_method(3OpenSSSSL_COMP_add_compression_method(3)
NAME
SSL_COMP_add_compression_method,
SSL_COMP_free_compression_methods - handle SSL/TLS
integrated compression methods
SYNOPSIS
#include <openssl/ssl.h>
int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
+void SSL_COMP_free_compression_methods(void);
DESCRIPTION
SSL_COMP_add_compression_method() adds the compression
method cm with the identifier id to the list of available
compression methods. This list is globally maintained for
all SSL operations within this application. It cannot be
set for specific SSL_CTX or SSL objects.
SSL_COMP_free_compression_methods() frees the internal table
of compression methods that were built internally, and
possibly augmented by adding
SSL_COMP_add_compression_method().
NOTES
The TLS standard (or SSLv3) allows the integration of
compression methods into the communication. The TLS RFC does
however not specify compression methods or their
corresponding identifiers, so there is currently no
compatible way to integrate compression with unknown peers.
It is therefore currently not recommended to integrate
compression into applications. Applications for non-public
use may agree on certain compression methods. Using
different compression methods with the same identifier will
lead to connection failure.
An OpenSSL client speaking a protocol that allows
compression (SSLv3, TLSv1) will unconditionally send the
list of all compression methods enabled with
SSL_COMP_add_compression_method() to the server during the
handshake. Unlike the mechanisms to set a cipher list,
there is no method available to restrict the list of
compression method on a per connection basis.
An OpenSSL server will match the identifiers listed by a
client against its own compression methods and will
unconditionally activate compression when a matching
identifier is found. There is no way to restrict the list of
compression methods supported on a per connection basis.
If enabled during compilation, the OpenSSL library will have
the COMP_zlib() compression method available.
1.0.2t Last change: 2019-09-10 1
SSL_COMP_add_compression_method(3OpenSSSSL_COMP_add_compression_method(3)
WARNINGS
Once the identities of the compression methods for the TLS
protocol have been standardized, the compression API will
most likely be changed. Using it in the current state is not
recommended.
RETURN VALUES
SSL_COMP_add_compression_method() may return the following
values:
0 The operation succeeded.
1 The operation failed. Check the error queue to find out
the reason.
SEE ALSO
ssl(3)
1.0.2t Last change: 2019-09-10 2
See also SSL_COMP_add_compression_method(3)
Man(1) output converted with
man2html