Disable compression for DTLS.
authorDr. Stephen Henson <steve@openssl.org>
Tue, 19 Mar 2013 13:43:06 +0000 (13:43 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 19 Mar 2013 13:43:06 +0000 (13:43 +0000)
The only standard compression method is stateful and is incompatible with
DTLS.

ssl/ssl_lib.c

index 1de2625c586f360d919256151cd1010c06665666..c3b40323687cd0ddbd733044b83319150f00c9a8 100644 (file)
@@ -1865,7 +1865,9 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
 
        ret->extra_certs=NULL;
-       ret->comp_methods=SSL_COMP_get_compression_methods();
+       /* No compression for DTLS */
+       if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS))
+               ret->comp_methods=SSL_COMP_get_compression_methods();
 
        ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
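Review bot: On the DTLS path `ret->comp_methods` is no longer assigned anywhere in this hunk, so it is NULL only if the structure was zeroed earlier in SSL_CTX_new, which starts and ends outside the hunk. Setting it explicitly with `ret->comp_methods=NULL;` ahead of the `if` would match the `ret->extra_certs=NULL;` line above and make the no-compression state independent of that earlier initialisation. The comment could also carry the reason from the commit message, e.g. `/* No compression for DTLS: the only standard method is stateful and is incompatible with DTLS */`. Because the decision is taken once from `meth` at context creation, it is worth confirming that a later change of the context's method cannot leave a compression list on a DTLS context.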