On Sun, May 07, 2006 at 04:28:22PM -0400, Victor Duchovni wrote:
> It looks like I can call SSL_COMP_get_compression_methods(), and if I
> get a non-null stack, check whether the stack depth is > 0.
>
> static void my_set_options(SSL_CTX *ctx)
> {
> long options = SSL_OP_ALL;
>
> #if (OPENSSL_VERSION_NUMBER < 0x0090800fL) ||
> (OPENSSL_VERSION_NUMBER > 0x0090802fL)
>
> STACK_OF(SSL_COMP) *comp_methods;
>
> comp_methods = SSL_COMP_get_compression_methods();
> if (comp_methods != 0 && sk_SSL_COMP_num(comp_methods) > 0)
> options = SSL_OP_ALL & ~SSL_OP_TLS_BLOCK_PADDING_BUG;
> #endif
> SSL_CTX_set_options(ctx, options);
> }
>
> Does this seem sensible?
The "#if ( < ) || ( > )" test is inverted, sorry too much on the fly
editing, but you get the idea... Is the general approach sensible?
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
