Yes, I am calling it before SSL_new();
SSL_CTX_set_options(ctx,SSL_OP_NO_COMPRESSION);
SSL *ssl = SSL_new(ctx);
On Tue, Jul 31, 2012 at 10:26 PM, Erik Tkal <et...@juniper.net> wrote:
> In your client app are you setting the options on the SSL_CTX *before* you
> call SSL_new()?****
>
>
> ....................................
> *Erik Tkal**
> *Juniper OAC/UAC/Pulse Development
>
> ****
>
> ** **
>
> *From:* owner-openssl-us...@openssl.org [mailto:
> owner-openssl-us...@openssl.org] *On Behalf Of *Sebastian Raymond
> *Sent:* Tuesday, July 31, 2012 4:18 PM
> *To:* openssl-users@openssl.org
> *Subject:* Re: SSL compression****
>
> ** **
>
> Its not yet clear for me.
>
> What should be done to disable the compression? Since, the server is not
> going to be the openssl s_server.****
>
> On Tue, Jul 31, 2012 at 7:35 PM, Sebastian Raymond <ray.s...@gmail.com>
> wrote:****
>
> Hello,
>
> I have tried following:
> 1.
> $openssl s_server -accept 443 -cert server.crt -key server.key
> Result-> Client offered deflate compression and server selected
> compression method.
>
> 2.
> $openssl s_server -accept 443 -cert server.crt -key server.key *-no_comp
> *Result-> Client offered deflate compression and this time, *server
> selected null method.*****
>
> ** **
>
> On Tue, Jul 31, 2012 at 7:16 PM, Dr. Stephen Henson <st...@openssl.org>
> wrote:****
>
> On Tue, Jul 31, 2012, Sebastian Raymond wrote:
>
> > Hello,
> >
> > I have written a SSL client program to talk with SSL server.
> >
> > I have a linux machine and Openssl 1.0.0e is installed with zlib enabled.
> > That means, deflate compression method is supported.
> >
> > I want to transfer the data without compression. Therefore, I used
> > following to disable the compression.
> >
> > SSL_CTX_set_options(ctx, SSL_OP_NO_COMPRESSION);
> >
> > Where ctx is SSL_CTX object.
> >
> > When I inspect the traffic in Wireshark, I still see that my client
> program
> > is offering deflate compression method and server is replying with server
> > hello that chooses deflate as compression.
> >****
>
> What happens if you try this with the s_server utility and the -no_comp
> command line option?
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org****
>
>
>
> ****
>
> --
> Regards,
> *Sebastian*****
>
>
>
>
> --
> Regards,
> *Sebastian*****
>
--
Regards,
*Sebastian*
