SASL property for compression layer
Ken Murchison
murch at andrew.cmu.edu
Mon Nov 16 17:04:16 EST 2015
On 11/01/2015 03:17 PM, Julien ÉLIE via Cyrus-sasl wrote:
> Hi,
>
> I am currently working on implementing the NNTP COMPRESS command in
> the InternetNetNews news server. This commands permits to start a
> compression layer (like the COMPRESS command for IMAP).
>
> I have a question about a possible already active compression layer
> after the use of SASL authentication. Is there a way to check whether
> a compression layer has been negotiated during SASL authentication?
>
>
> With OpenSSL, we can use the SSL_get_current_compression() function to
> see whether a compression layer has been negotiated at the same time
> of the TLS encryption layer. A similar function could be useful in
> Cyrus SASL if it does not already exist. (Maybe current or future SASL
> mechanisms can or will negotiate a compression layer.)
>
>
> Note: it could be a property like SASL_SSF that InternetNewsNews
> already checks after SASL authentication to see whether an encryption
> layer has been negotiated. If the value of that property is >0, the
> use of STARTTLS is disabled as an encryption layer already exists.
>
There is no such property defined in the SASL API at this time.
--
Kenneth Murchison
Principal Systems Software Engineer
Carnegie Mellon University
More information about the Cyrus-sasl
mailing list