[stunnel-users] Compression

Ludovic LEVET llevet at ludosoft.org
Fri Dec 9 19:50:59 CET 2011


So,

For your next version (> 4.51) with update code for compression, i will 
replace openssl 0.9.8 by openssl 1.0.0e given from package 4.47 (for
windows of course) then i'm will be able to control compression (but am 
lost FIPS, not very important for me).
This is possible ?  (i think...)

Ludovic.



Le 09/12/2011 19:31, Michal Trojnara a écrit :
> Ludovic LEVET<llevet at ludosoft.org>  wrote:
>
>> Hi Mike,
>>
>> Yes, this is better to disable it by default.
>> But do you project to return on openssl 1.0.0x  for next release to
>> control compression ?
>>
>> And why are you move from openssl 1.0.0 to 0.9.8 in version 4.48 to
>> 4.49
>> ? (for FIPS i suppose)
>>
>> Thank's.
>>
>> Ludovic.
>>
>>
>> Le 09/12/2011 18:46, Michal Trojnara a écrit :
>>> I wrote:
>>>> My conclusion:
>>>> I will add "compression = none" global option implemented as:
>>>> #ifndef OPENSSL_NO_COMP
>>>>      sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
>>>> #endif
>>> On second thought:
>>> This might be probably even better to switch compression off by
>>> default.  The memory and CPU requirements of compression probably
>> make
>>> it a bad choice for ~90% of users.
>>>
>>> The available parameters will be:
>>>   - deflate - RFC 3749 https://www.ietf.org/rfc/rfc3749.txt
>>>   - zlib - OpenSSL 0.9.7 compatibility
>>>   - rle - OpenSSL 0.9.7 compatibility
>>> The default will be to disable compression entirely.
>>>
>>> What do you think?
>>>
>>> Mike
>>
>> _______________________________________________
>> stunnel-users mailing list
>> stunnel-users at stunnel.org
>> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
> No. Yes.
>
> Mike
>





More information about the stunnel-users mailing list