[stunnel-users] stunnel 4.50 released

• Previous message (by thread): [stunnel-users] stunnel 4.50 released
• Next message (by thread): [stunnel-users] Compression
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ludovic LEVET wrote:
> It seem that openssl since version 0.9.8b zlib compression is enable
> by default. This is the problem of cpu usage of stunnel.
> Is it possible to force it disable it by 'compression = none' in a
> next version of stunnel ?

I did some research and the facts are:
1. Stunnel code for "compression" option is obsolete since OpenSSL 
0.9.8 (released 05 Jul 2005).
    The new implementation is compatible with: 
http://tools.ietf.org/html/rfc1951
2. Starting with OpenSSL 1.0.0 compression can be disabled with 
"options = NO_COMPRESSION" service-level option.
3. In OpenSSL version >= 0.9.8 and <1.0.0 there is currently no way to 
disable compression with an stunnel.conf option.

My conclusion:
I will add "compression = none" global option implemented as:
#ifndef OPENSSL_NO_COMP
     sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
#endif

Mike

• Previous message (by thread): [stunnel-users] stunnel 4.50 released
• Next message (by thread): [stunnel-users] Compression
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]