Hello,

> Interesting that the initial session is uncompressed, but the resumed
> session is...
With the default configuration (SSL2/3 and TLS1 enabled), the OpenSSL
client sends an SSL2 ClientHello packet (with TLS1 protocol version),
which has no support for compression information.

> I'll gladly test any snapshot that addresses this issue.
A simple way to disable TLS1_FLAGS_TLS_PADDING_BUG when compression
is compiled in AND when the peer wants to use compression is to change
line ssl/t1_enc.c:831:
        if ((memcmp(s->s3->read_sequence,
                "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1))
to something like:
        if ((memcmp(s->s3->read_sequence,
                "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1) && !s->expand)

> Is there any way to determine at run-time whether the 
> OpenSSL library is a 0.9.8[ab] release with zlib enabled?
SSL_COMP_get_compression_methods() always returns NULL
when compression is not compiled in.

Best regards,
-- 
Marek Marcola <[EMAIL PROTECTED]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
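
Added example, not part of the original message and not OpenSSL's own code: a run-time check that combines the library version number with the result of SSL_COMP_get_compression_methods() mentioned above. The struct and function names are hypothetical, the sample values in main() are constructed, and treating an empty method list the same as a NULL one is an assumption.

```c
#include <stdio.h>
#ifdef USE_OPENSSL              /* build with -DUSE_OPENSSL -lssl -lcrypto */
#include <openssl/ssl.h>
#include <openssl/crypto.h>
#endif

/* OpenSSL packs its version as 0xMNNFFPPS: major, minor, fix, patch
 * letter (a = 1, b = 2, ...) and status (0xf = release). */
struct ossl_version {
    unsigned major, minor, fix, patch, status;
};

static struct ossl_version decode_version(unsigned long v)
{
    struct ossl_version d;
    d.major  = (v >> 28) & 0xf;
    d.minor  = (v >> 20) & 0xff;
    d.fix    = (v >> 12) & 0xff;
    d.patch  = (v >> 4)  & 0xff;
    d.status = v & 0xf;
    return d;
}

/* True for a 0.9.8a or 0.9.8b release whose library reports at least
 * one compression method. n_comp < 0 means the method list was NULL,
 * i.e. compression is not compiled in. */
static int is_098ab_with_compression(unsigned long version, int n_comp)
{
    struct ossl_version d = decode_version(version);
    int is_098ab = d.major == 0 && d.minor == 9 && d.fix == 8 &&
                   (d.patch == 1 || d.patch == 2) && d.status == 0xf;
    return is_098ab && n_comp > 0;
}

int main(void)
{
    unsigned long version = 0x0090802fUL;  /* constructed sample: 0.9.8b */
    int n_comp = 1;                        /* constructed sample: one method */
#ifdef USE_OPENSSL
    STACK_OF(SSL_COMP) *methods = SSL_COMP_get_compression_methods();
    version = SSLeay();   /* run-time version, not the compile-time header */
    n_comp = methods ? sk_SSL_COMP_num(methods) : -1;
#endif
    printf("version 0x%08lx, methods %d -> %s\n", version, n_comp,
           is_098ab_with_compression(version, n_comp) ? "0.9.8[ab] with compression" : "not matched");
    return 0;
}
```

SSLeay() is the 0.9.8-era call for the run-time version number; OpenSSL 1.1.0 and later name it OpenSSL_version_num().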
