On Sun, 2009-07-12 at 19:41 +0100, Ed W wrote: > Actually that ended up being mainly about the COMPRESS protocol > extension - that is interesting, but I personally doubt it offers much > extra over a simple outer layer protocol compression algorithm, eg > native SSL compression. (However, would settle for either/both...). > Some time back you suggested the SSL compression fix was a one liner on > the dovecot side though?
After trying ages to figure this out, I finally found out that it already works for SSL, as long as OpenSSL is compiled with zlib support. You can verify this with gnutls-cli (but not openssl s_client): gnutls-cli --priority NORMAL:+COMP-DEFLATE -p 993 --insecure localhost .. - Compression: DEFLATE Also interestingly enough I couldn't make compression work with gnutls-serv.. > As an aside would it help to have some sample code for zlib? Maybe some small sample code could be useful. Although I could also look at how GNUTLS does it. > My problem > is I don't know where to add it for the COMPRESS protocol > implementation... Zlib itself is pretty straightforward though. If you (or someone) can implement deflate istream and inflate ostream code for Dovecot, I can do the rest. BTW. For Dovecot v2.0 I'm also thinking about changing ssl-proxy code to be ssl-istream and ssl-ostream instead and then make a bit more generic login-proxy where you can give any i/ostreams. That'll also make implementing COMPRESS support easier..
signature.asc
Description: This is a digitally signed message part
