This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.
This commit is contained in:
cvs2svn
64
doc/ssl/SSL_COMP_add_compression_method.pod
Normal file
64
doc/ssl/SSL_COMP_add_compression_method.pod
Normal file
@@ -0,0 +1,64 @@
|
|||||||
|
=pod
|
||||||
|
|
||||||
|
=head1 NAME
|
||||||
|
|
||||||
|
SSL_COMP_add_compression_method - handle SSL/TLS integrated compression methods
|
||||||
|
|
||||||
|
=head1 SYNOPSIS
|
||||||
|
|
||||||
|
#include <openssl/ssl.h>
|
||||||
|
|
||||||
|
int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
|
||||||
|
|
||||||
|
=head1 DESCRIPTION
|
||||||
|
|
||||||
|
SSL_COMP_add_compression_method() adds the compression method B<cm> with
|
||||||
|
the identifier B<id> to the list of available compression methods. This
|
||||||
|
list is globally maintained for all SSL operations within this application.
|
||||||
|
It cannot be set for specific SSL_CTX or SSL objects.
|
||||||
|
|
||||||
|
=head1 NOTES
|
||||||
|
|
||||||
|
The TLS standard (or SSLv3) allows the integration of compression methods
|
||||||
|
into the communication. The TLS RFC does however not specify compression
|
||||||
|
methods or their corresponding identifiers, so there is currently no compatible
|
||||||
|
way to integrate compression with unknown peers. It is therefore currently not
|
||||||
|
recommended to integrate compression into applications. Applications for
|
||||||
|
non-public use may agree on certain compression methods. Using different
|
||||||
|
compression methods with the same identifier will lead to connection failure.
|
||||||
|
|
||||||
|
An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1)
|
||||||
|
will unconditionally send the list of all compression methods enabled with
|
||||||
|
SSL_COMP_add_compression_method() to the server during the handshake.
|
||||||
|
Unlike the mechanisms to set a cipher list, there is no method available to
|
||||||
|
restrict the list of compression method on a per connection basis.
|
||||||
|
|
||||||
|
An OpenSSL server will match the identifiers listed by a client against
|
||||||
|
its own compression methods and will unconditionally activate compression
|
||||||
|
when a matching identifier is found. There is no way to restrict the list
|
||||||
|
of compression methods supported on a per connection basis.
|
||||||
|
|
||||||
|
The OpenSSL library has the compression methods B<COMP_rle()> and (when
|
||||||
|
especially enabled during compilation) B<COMP_zlib()> available.
|
||||||
|
|
||||||
|
=head1 RETURN VALUES
|
||||||
|
|
||||||
|
SSL_COMP_add_compression_method() may return the following values:
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
=item 1
|
||||||
|
|
||||||
|
The operation succeeded.
|
||||||
|
|
||||||
|
=item 0
|
||||||
|
|
||||||
|
The operation failed. Check the error queue to find out the reason.
|
||||||
|
|
||||||
|
=back
|
||||||
|
|
||||||
|
=head1 SEE ALSO
|
||||||
|
|
||||||
|
L<ssl(3)|ssl(3)>
|
||||||
|
|
||||||
|
=cut
|
||||||
Reference in New Issue
Block a user