SASL property for compression layer

Ken Murchison murch at
Mon Nov 16 17:04:16 EST 2015

On 11/01/2015 03:17 PM, Julien ÉLIE via Cyrus-sasl wrote:
> Hi,
> I am currently working on implementing the NNTP COMPRESS command in 
> the InternetNetNews news server.  This commands permits to start a 
> compression layer (like the COMPRESS command for IMAP).
> I have a question about a possible already active compression layer 
> after the use of SASL authentication.  Is there a way to check whether 
> a compression layer has been negotiated during SASL authentication?
> With OpenSSL, we can use the SSL_get_current_compression() function to 
> see whether a compression layer has been negotiated at the same time 
> of the TLS encryption layer.  A similar function could be useful in 
> Cyrus SASL if it does not already exist. (Maybe current or future SASL 
> mechanisms can or will negotiate a compression layer.)
> Note:  it could be a property like SASL_SSF that InternetNewsNews 
> already checks after SASL authentication to see whether an encryption 
> layer has been negotiated.  If the value of that property is >0, the 
> use of STARTTLS is disabled as an encryption layer already exists.

There is no such property defined in the SASL API at this time.

Kenneth Murchison
Principal Systems Software Engineer
Carnegie Mellon University

More information about the Cyrus-sasl mailing list