[tor-dev] [patch] properly test for OPENSSL_NO_COMP

grarpamp grarpamp at gmail.com
Mon Jul 14 03:01:23 UTC 2014


On Sun, Jul 13, 2014 at 7:23 PM, Ian Goldberg <iang at cs.uwaterloo.ca> wrote:
> On Sun, Jul 13, 2014 at 07:20:29PM -0400, grarpamp wrote:
>> >    /* Don't actually allow compression; it uses ram and time, but the data
>> >     * we transmit is all encrypted anyway. */
>> >      result->ctx->comp_methods = NULL;
>>
>> This comment is confusing. Why are you asserting/mixing the two with
>> the ', but' that 'encryption anyway' is excuse to not compress due to
>> 'ram/time'? They are two separate things. Either you are encrypting
>> compressed data, or encrypting uncompressed data.
>
> It seems to me the intent of the comment is that the *plaintext* data
> being transmitted is already encrypted (at another layer), and so is not
> going to be compressible, so don't waste ram/time trying to do so.

I though this portion referred to compress then encrypt, not
encrypt then compress (which would of course be pointless).
ie: I thought the openssl zlib routines were to compressed then
encrypted.


More information about the tor-dev mailing list