1=pod 2 3=head1 NAME 4 5SSL_COMP_add_compression_method, SSL_COMP_get_compression_methods, 6SSL_COMP_get0_name, SSL_COMP_get_id, SSL_COMP_free_compression_methods 7- handle SSL/TLS integrated compression methods 8 9=head1 SYNOPSIS 10 11 #include <openssl/ssl.h> 12 13 int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm); 14 STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); 15 const char *SSL_COMP_get0_name(const SSL_COMP *comp); 16 int SSL_COMP_get_id(const SSL_COMP *comp); 17 18Deprecated: 19 20 #if OPENSSL_API_COMPAT < 0x10100000L 21 void SSL_COMP_free_compression_methods(void) 22 #endif 23 24=head1 DESCRIPTION 25 26SSL_COMP_add_compression_method() adds the compression method B<cm> with 27the identifier B<id> to the list of available compression methods. This 28list is globally maintained for all SSL operations within this application. 29It cannot be set for specific SSL_CTX or SSL objects. 30 31SSL_COMP_get_compression_methods() returns a stack of all of the available 32compression methods or NULL on error. 33 34SSL_COMP_get0_name() returns the name of the compression method B<comp>. 35 36SSL_COMP_get_id() returns the id of the compression method B<comp>. 37 38SSL_COMP_free_compression_methods() releases any resources acquired to 39maintain the internal table of compression methods. 40 41=head1 NOTES 42 43The TLS standard (or SSLv3) allows the integration of compression methods 44into the communication. The TLS RFC does however not specify compression 45methods or their corresponding identifiers, so there is currently no compatible 46way to integrate compression with unknown peers. It is therefore currently not 47recommended to integrate compression into applications. Applications for 48non-public use may agree on certain compression methods. Using different 49compression methods with the same identifier will lead to connection failure. 50 51An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1) 52will unconditionally send the list of all compression methods enabled with 53SSL_COMP_add_compression_method() to the server during the handshake. 54Unlike the mechanisms to set a cipher list, there is no method available to 55restrict the list of compression method on a per connection basis. 56 57An OpenSSL server will match the identifiers listed by a client against 58its own compression methods and will unconditionally activate compression 59when a matching identifier is found. There is no way to restrict the list 60of compression methods supported on a per connection basis. 61 62If enabled during compilation, the OpenSSL library will have the 63COMP_zlib() compression method available. 64 65=head1 RETURN VALUES 66 67SSL_COMP_add_compression_method() may return the following values: 68 69=over 4 70 71=item Z<>0 72 73The operation succeeded. 74 75=item Z<>1 76 77The operation failed. Check the error queue to find out the reason. 78 79=back 80 81SSL_COMP_get_compression_methods() returns the stack of compressions methods or 82NULL on error. 83 84SSL_COMP_get0_name() returns the name of the compression method or NULL on error. 85 86SSL_COMP_get_id() returns the name of the compression method or -1 on error. 87 88=head1 SEE ALSO 89 90L<ssl(7)> 91 92=head1 HISTORY 93 94The SSL_COMP_free_compression_methods() function was deprecated in OpenSSL 1.1.0. 95The SSL_COMP_get0_name() and SSL_comp_get_id() functions were added in OpenSSL 1.1.0d. 96 97=head1 COPYRIGHT 98 99Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. 100 101Licensed under the OpenSSL license (the "License"). You may not use 102this file except in compliance with the License. You can obtain a copy 103in the file LICENSE in the source distribution or at 104L<https://www.openssl.org/source/license.html>. 105 106=cut 107