From 2f0275a4c3c8921e51d5c0ceb64a71d53dda5da0 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 19 Mar 2013 13:43:06 +0000 Subject: [PATCH] Disable compression for DTLS. The only standard compression method is stateful and is incompatible with DTLS. --- ssl/ssl_lib.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 1de2625c58..c3b4032368 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1865,7 +1865,9 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data); ret->extra_certs=NULL; - ret->comp_methods=SSL_COMP_get_compression_methods(); + /* No compression for DTLS */ + if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)) + ret->comp_methods=SSL_COMP_get_compression_methods(); ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; -- 2.40.0