diff options
Diffstat (limited to 'doc/man3')
| -rw-r--r-- | doc/man3/COMP_CTX_new.pod | 38 | ||||
| -rw-r--r-- | doc/man3/SSL_COMP_add_compression_method.pod | 4 |
2 files changed, 32 insertions, 10 deletions
diff --git a/doc/man3/COMP_CTX_new.pod b/doc/man3/COMP_CTX_new.pod index 826fbb02d3..1fe1d691df 100644 --- a/doc/man3/COMP_CTX_new.pod +++ b/doc/man3/COMP_CTX_new.pod @@ -13,8 +13,11 @@ COMP_expand_block, COMP_zlib, COMP_brotli, COMP_brotli_oneshot, +COMP_zstd, +COMP_zstd_oneshot, BIO_f_zlib, -BIO_f_brotli +BIO_f_brotli, +BIO_f_zstd - Compression support =head1 SYNOPSIS @@ -36,9 +39,12 @@ BIO_f_brotli COMP_METHOD *COMP_zlib(void); COMP_METHOD *COMP_brotli(void); COMP_METHOD *COMP_brotli_oneshot(void); + COMP_METHOD *COMP_zstd(void); + COMP_METHOD *COMP_zstd_oneshot(void); const BIO_METHOD *BIO_f_zlib(void); const BIO_METHOD *BIO_f_brotli(void); + const BIO_METHOD *BIO_f_zstd(void); =head1 DESCRIPTION @@ -79,10 +85,18 @@ COMP_brotli() returns a B<COMP_METHOD> for stream-based Brotli compression. COMP_brotli_oneshot() returns a B<COMP_METHOD> for one-shot Brotli compression. +=item * + +COMP_zstd() returns a B<COMP_METHOD> for stream-based Zstandard compression. + +=item * + +COMP_zstd_oneshot() returns a B<COMP_METHOD> for one-shot Zstandard compression. + =back -BIO_f_zlib() and BIO_f_brotli() each return a B<BIO_METHOD> that may be used to -create a B<BIO> via L<BIO_new(3)> to read and write compressed files or streams. +BIO_f_zlib(), BIO_f_brotli() BIO_f_zstd() each return a B<BIO_METHOD> that may be used to +create a B<BIO> via B<BIO_new(3)> to read and write compressed files or streams. The functions are only available if the corresponding algorithm is compiled into the OpenSSL library. @@ -99,6 +113,8 @@ ZLIB may be found at L<https://zlib.net> Brotli may be found at L<https://github.com/google/brotli>. +Zstandard may be found at L<https://github.com/facebook/zstd>. + Compression of SSL/TLS records is not recommended, as it has been shown to lead to the CRIME attack L<https://en.wikipedia.org/wiki/CRIME>. It is disabled by default, and may be enabled by clearing the @@ -110,19 +126,21 @@ in RFC8879 L<https://datatracker.ietf.org/doc/html/rfc8879>. It may be disabled via the SSL_OP_NO_CERTIFICATE_COMPRESSION option of the L<SSL_CTX_set_options(3)> or L<SSL_set_options(3)> functions. -COMP_zlib() and COMP_brotli() are both stream-based compression methods. +COMP_zlib(), COMP_brotli() and COMP_zstd() are stream-based compression methods. Internal state (including compression dictionary) is maintained between calls. If an error is returned, the stream is corrupted, and should be closed. -COMP_brotli_oneshot() is not stream-based, it does not maintain state -between calls. An error in one call does not affect future calls. +COMP_brotli_oneshot() and COMP_zstd_oneshot() are not stream-based. These +methods do not maintain state between calls. An error in one call does not affect +future calls. =head1 RETURN VALUES COMP_CTX_new() returns a B<COMP_CTX> on success, or NULL on failure. -COMP_CTX_get_method(), COMP_zlib(), COMP_brotli(), and COMP_brotli_oneshot() -return a B<COMP_METHOD> on success, or NULL on failure. +COMP_CTX_get_method(), COMP_zlib(), COMP_brotli(), COMP_brotli_oneshot(), +COMP_zstd(), and COMP_zstd_oneshot() return a B<COMP_METHOD> on success, +or NULL on failure. COMP_CTX_get_type() and COMP_get_type() return a NID value. On failure, NID_undef is returned. @@ -134,7 +152,7 @@ bytes stored in the output buffer I<out>. This may be 0. On failure, COMP_get_name() returns a B<const char *> that must not be freed on success, or NULL on failure. -BIO_f_zlib() and BIO_f_brotli() return a B<BIO_METHOD>. +BIO_f_zlib(), BIO_f_brotli() and BIO_f_zstd() return a B<BIO_METHOD>. =head1 SEE ALSO @@ -142,7 +160,7 @@ L<BIO_new(3)>, L<SSL_CTX_set_options(3)>, L<SSL_set_options(3)> =head1 HISTORY -Brotli functions were added in OpenSSL 3.1.0. +Brotli and Zstandard functions were added in OpenSSL 3.2. =head1 COPYRIGHT diff --git a/doc/man3/SSL_COMP_add_compression_method.pod b/doc/man3/SSL_COMP_add_compression_method.pod index a5aa674cdb..4b32023959 100644 --- a/doc/man3/SSL_COMP_add_compression_method.pod +++ b/doc/man3/SSL_COMP_add_compression_method.pod @@ -70,6 +70,10 @@ following compression methods available: =item COMP_brotli_oneshot() +=item COMP_zstd() + +=item COMP_zstd_oneshot() + =back =head1 RETURN VALUES |