1=pod 2 3=head1 NAME 4 5SSL_COMP_add_compression_method, SSL_COMP_get_compression_methods, 6SSL_COMP_get0_name, SSL_COMP_get_id, SSL_COMP_free_compression_methods 7- handle SSL/TLS integrated compression methods 8 9=head1 SYNOPSIS 10 11 #include <openssl/ssl.h> 12 13 int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm); 14 STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); 15 const char *SSL_COMP_get0_name(const SSL_COMP *comp); 16 int SSL_COMP_get_id(const SSL_COMP *comp); 17 18Deprecated: 19 20 #if OPENSSL_API_COMPAT < 0x10100000L 21 void SSL_COMP_free_compression_methods(void) 22 #endif 23 24=head1 DESCRIPTION 25 26SSL_COMP_add_compression_method() adds the compression method B<cm> with 27the identifier B<id> to the list of available compression methods. This 28list is globally maintained for all SSL operations within this application. 29It cannot be set for specific SSL_CTX or SSL objects. 30 31SSL_COMP_get_compression_methods() returns a stack of all of the available 32compression methods or NULL on error. 33 34SSL_COMP_get0_name() returns the name of the compression method B<comp>. 35 36SSL_COMP_get_id() returns the id of the compression method B<comp>. 37 38SSL_COMP_free_compression_methods() releases any resources acquired to 39maintain the internal table of compression methods. 40 41=head1 NOTES 42 43The TLS standard (or SSLv3) allows the integration of compression methods 44into the communication. The TLS RFC does however not specify compression 45methods or their corresponding identifiers, so there is currently no compatible 46way to integrate compression with unknown peers. It is therefore currently not 47recommended to integrate compression into applications. Applications for 48non-public use may agree on certain compression methods. Using different 49compression methods with the same identifier will lead to connection failure. 50 51An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1) 52will unconditionally send the list of all compression methods enabled with 53SSL_COMP_add_compression_method() to the server during the handshake. 54Unlike the mechanisms to set a cipher list, there is no method available to 55restrict the list of compression method on a per connection basis. 56 57An OpenSSL server will match the identifiers listed by a client against 58its own compression methods and will unconditionally activate compression 59when a matching identifier is found. There is no way to restrict the list 60of compression methods supported on a per connection basis. 61 62If enabled during compilation, the OpenSSL library will have the 63COMP_zlib() compression method available. 64 65=head1 RETURN VALUES 66 67SSL_COMP_add_compression_method() may return the following values: 68 69=over 4 70 71=item Z<>0 72 73The operation succeeded. 74 75=item Z<>1 76 77The operation failed. Check the error queue to find out the reason. 78 79=back 80 81SSL_COMP_get_compression_methods() returns the stack of compressions methods or 82NULL on error. 83 84SSL_COMP_get0_name() returns the name of the compression method or NULL on error. 85 86SSL_COMP_get_id() returns the name of the compression method or -1 on error. 87 88=head1 SEE ALSO 89 90L<ssl(7)> 91 92=head1 HISTORY 93 94SSL_COMP_free_compression_methods() was deprecated in OpenSSL 1.1.0; 95do not use it. 96SSL_COMP_get0_name() and SSL_comp_get_id() were added in OpenSSL 1.1.0d. 97 98=head1 COPYRIGHT 99 100Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. 101 102Licensed under the OpenSSL license (the "License"). You may not use 103this file except in compliance with the License. You can obtain a copy 104in the file LICENSE in the source distribution or at 105L<https://www.openssl.org/source/license.html>. 106 107=cut 108