Bug 168396 - [build] [patch] src.conf tunables to enable zlib compression in openssl
Summary: [build] [patch] src.conf tunables to enable zlib compression in openssl
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 9.0-STABLE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-05-27 23:30 UTC by Aragon Gouveia
Modified: 2018-01-08 04:14 UTC (History)
1 user (show)

See Also:


Attachments
file.diff (943 bytes, patch)
2012-05-27 23:30 UTC, Aragon Gouveia
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Aragon Gouveia 2012-05-27 23:30:01 UTC
Attached patch adds two new src.conf tunables:

WITH_OPENSSL_ZLIB
WITH_OPENSSL_ZLIB_SHARED

The first enables zlib compression in the OpenSSL build, both combined makes zlib library load during runtime (dlopen()).

More testing/review appreciated.  Please consider this for commit. :)

Fix: Patch attached with submission follows:
How-To-Repeat: Testing for working compression can be done by with s_client:

openssl s_client -no_ssl2 -no_ssl3 -connect issues.apache.org:443
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2013-03-10 02:57:09 UTC
Responsible Changed
From-To: freebsd-bugs->jkim

jkim, do you have an opinion on this one?
Comment 2 Mark Linimon freebsd_committer freebsd_triage 2013-03-27 01:53:45 UTC
Responsible Changed
From-To: jkim->benl

Over to new openssl maintainer. 

Requested by:	jkim
Comment 3 jeff.lawson 2016-06-21 23:07:58 UTC
SSL/TLS compression is increasingly considered obsolete and a security hazard, to the extent that it is slated to be removed from the upcoming TLS 1.3 standard:
https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.3_.28draft.29
Comment 4 Eitan Adler freebsd_committer freebsd_triage 2018-01-08 04:14:42 UTC
For the following conditions
Product: Base System, Documentation Status: New, Open, In Progress, UNCONFIRMED 
Assignee: Former FreeBSD committer 

Reset to default assignee. Reset status to "Open".