/usr/man/cat.3/SSL_COMP_add_compression_method.3(/usr/man/cat.3/SSL_COMP_add_compression_method.3)

SSL_COMP_add_compression_method(3OpenSSSSL_COMP_add_compression_method(3)

NAME

     SSL_COMP_add_compression_method,
     SSL_COMP_free_compression_methods - handle SSL/TLS
     integrated compression methods

SYNOPSIS

      #include <openssl/ssl.h>

      int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);

      +void SSL_COMP_free_compression_methods(void);

DESCRIPTION

     SSL_COMP_add_compression_method() adds the compression
     method cm with the identifier id to the list of available
     compression methods. This list is globally maintained for
     all SSL operations within this application.  It cannot be
     set for specific SSL_CTX or SSL objects.

     SSL_COMP_free_compression_methods() frees the internal table
     of compression methods that were built internally, and
     possibly augmented by adding
     SSL_COMP_add_compression_method().

NOTES

     The TLS standard (or SSLv3) allows the integration of
     compression methods into the communication. The TLS RFC does
     however not specify compression methods or their
     corresponding identifiers, so there is currently no
     compatible way to integrate compression with unknown peers.
     It is therefore currently not recommended to integrate
     compression into applications. Applications for non-public
     use may agree on certain compression methods. Using
     different compression methods with the same identifier will
     lead to connection failure.

     An OpenSSL client speaking a protocol that allows
     compression (SSLv3, TLSv1) will unconditionally send the
     list of all compression methods enabled with
     SSL_COMP_add_compression_method() to the server during the
     handshake.  Unlike the mechanisms to set a cipher list,
     there is no method available to restrict the list of
     compression method on a per connection basis.

     An OpenSSL server will match the identifiers listed by a
     client against its own compression methods and will
     unconditionally activate compression when a matching
     identifier is found. There is no way to restrict the list of
     compression methods supported on a per connection basis.

     If enabled during compilation, the OpenSSL library will have
     the COMP_zlib() compression method available.

1.0.2t               Last change: 2019-09-10                    1

SSL_COMP_add_compression_method(3OpenSSSSL_COMP_add_compression_method(3)

WARNINGS

     Once the identities of the compression methods for the TLS
     protocol have been standardized, the compression API will
     most likely be changed. Using it in the current state is not
     recommended.

RETURN VALUES

     SSL_COMP_add_compression_method() may return the following
     values:

     0   The operation succeeded.

     1   The operation failed. Check the error queue to find out
         the reason.

SEE ALSO

     ssl(3)

1.0.2t               Last change: 2019-09-10                    2

See also SSL_COMP_free_compression_methods(3)