decompress libssl. ok beck jsing

9 files changed, 11 insertions, 326 deletions

diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index b1eeb85c64..18218f4c61 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.57 2014/07/09 11:25:42 jsing Exp $ */
+/* $OpenBSD: ssl.h,v 1.58 2014/07/10 08:51:15 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -145,9 +145,6 @@
 
 #include <openssl/opensslconf.h>
 
-#ifndef OPENSSL_NO_COMP
-#include <openssl/comp.h>
-#endif
 #ifndef OPENSSL_NO_BIO
 #include <openssl/bio.h>
 #endif
@@ -488,8 +485,6 @@ struct ssl_session_st {
         time_t time;
         int references;
 
-        unsigned int compress_meth;     /* Need to lookup the method */
-
         const SSL_CIPHER *cipher;
         unsigned long cipher_id;        /* when ASN.1 loaded, this
                                          * needs to be used to load
@@ -682,11 +677,6 @@ typedef struct ssl_comp_st SSL_COMP;
 struct ssl_comp_st {
         int id;
         const char *name;
-#ifndef OPENSSL_NO_COMP
-        COMP_METHOD *method;
-#else
-        char *method;
-#endif
 };
 
 DECLARE_STACK_OF(SSL_COMP)
@@ -1099,11 +1089,6 @@ struct ssl_st {
 
         EVP_CIPHER_CTX *enc_read_ctx;           /* cryptographic state */
         EVP_MD_CTX *read_hash;                  /* used for mac generation */
-#ifndef OPENSSL_NO_COMP
-        COMP_CTX *expand;                       /* uncompress */
-#else
-        char *expand;
-#endif
 
         SSL_AEAD_CTX *aead_write_ctx;   /* AEAD context. If non-NULL, then
                                            enc_write_ctx and write_hash are
@@ -1111,12 +1096,6 @@ struct ssl_st {
 
         EVP_CIPHER_CTX *enc_write_ctx;          /* cryptographic state */
         EVP_MD_CTX *write_hash;                 /* used for mac generation */
-#ifndef OPENSSL_NO_COMP
-        COMP_CTX *compress;                     /* compression */
-#else
-        char *compress;
-
-#endif
 
         /* session info */
 
@@ -1836,20 +1815,6 @@ void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
 void SSL_set_tmp_ecdh_callback(SSL *ssl,
     EC_KEY *(*ecdh)(SSL *ssl, int is_export, int keylength));
 
-#ifndef OPENSSL_NO_COMP
-const COMP_METHOD *SSL_get_current_compression(SSL *s);
-const COMP_METHOD *SSL_get_current_expansion(SSL *s);
-const char *SSL_COMP_get_name(const COMP_METHOD *comp);
-STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
-int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
-#else
-const void *SSL_get_current_compression(SSL *s);
-const void *SSL_get_current_expansion(SSL *s);
-const char *SSL_COMP_get_name(const void *comp);
-void *SSL_COMP_get_compression_methods(void);
-int SSL_COMP_add_compression_method(int id, void *cm);
-#endif
-
 /* TLS extensions functions */
 int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
 
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
index 235c359af2..f956c50987 100644
--- a/src/lib/libssl/ssl3.h
+++ b/src/lib/libssl/ssl3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl3.h,v 1.23 2014/06/13 11:52:03 jsing Exp $ */
+/* $OpenBSD: ssl3.h,v 1.24 2014/07/10 08:51:15 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -117,9 +117,6 @@
 #ifndef HEADER_SSL3_H 
 #define HEADER_SSL3_H 
 
-#ifndef OPENSSL_NO_COMP
-#include <openssl/comp.h>
-#endif
 #include <openssl/buffer.h>
 #include <openssl/evp.h>
 #include <openssl/ssl.h>
@@ -285,12 +282,7 @@ extern "C" {
 
 /* If compression isn't used don't include the compression overhead */
 
-#ifdef OPENSSL_NO_COMP
 #define SSL3_RT_MAX_COMPRESSED_LENGTH           SSL3_RT_MAX_PLAIN_LENGTH
-#else
-#define SSL3_RT_MAX_COMPRESSED_LENGTH   \
-                (SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
-#endif
 #define SSL3_RT_MAX_ENCRYPTED_LENGTH    \
                 (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
 #define SSL3_RT_MAX_PACKET_SIZE         \
@@ -336,7 +328,6 @@ typedef struct ssl3_record_st {
 /*r */  unsigned int off;       /* read/write offset into 'buf' */
 /*rw*/  unsigned char *data;    /* pointer to the record data */
 /*rw*/  unsigned char *input;   /* where the decode bytes are */
-/*r */  unsigned char *comp;    /* only used with decompression - malloc()ed */
 /*r */  unsigned long epoch;    /* epoch number, needed by DTLS1 */
 /*r */  unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
 } SSL3_RECORD;
@@ -492,11 +483,6 @@ typedef struct ssl3_state_st {
                 const EVP_MD *new_hash;
                 int new_mac_pkey_type;
                 int new_mac_secret_size;
-#ifndef OPENSSL_NO_COMP
-                const SSL_COMP *new_compression;
-#else
-                char *new_compression;
-#endif
                 int cert_request;
         } tmp;
 
diff --git a/src/lib/libssl/ssl_algs.c b/src/lib/libssl/ssl_algs.c
index 0518876ab4..ce051252f6 100644
--- a/src/lib/libssl/ssl_algs.c
+++ b/src/lib/libssl/ssl_algs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_algs.c,v 1.18 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: ssl_algs.c,v 1.19 2014/07/10 08:51:15 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -112,12 +112,6 @@ SSL_library_init(void)
         EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
         EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
         EVP_add_digest(EVP_ecdsa());
-#ifndef OPENSSL_NO_COMP
-        /* This will initialise the built-in compression algorithms.
-           The value returned is a STACK_OF(SSL_COMP), but that can
-           be discarded safely */
-        (void)SSL_COMP_get_compression_methods();
-#endif
         /* initialize cipher/digest methods table */
         ssl_load_ciphers();
         return (1);
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
index 8594408898..43366b33b8 100644
--- a/src/lib/libssl/ssl_asn1.c
+++ b/src/lib/libssl/ssl_asn1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_asn1.c,v 1.26 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: ssl_asn1.c,v 1.27 2014/07/10 08:51:15 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -118,10 +118,6 @@ i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
         unsigned char ibuf3[LSIZE2], ibuf4[LSIZE2], ibuf5[LSIZE2];
         int v6 = 0, v9 = 0, v10 = 0;
         unsigned char ibuf6[LSIZE2];
-#ifndef OPENSSL_NO_COMP
-        unsigned char cbuf;
-        int v11 = 0;
-#endif
         long l;
         SSL_SESSION_ASN1 a;
         M_ASN1_I2D_vars(in);
@@ -155,14 +151,6 @@ i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
         buf[0] = ((unsigned char)(l >> 8L))&0xff;
         buf[1] = ((unsigned char)(l    ))&0xff;
 
-#ifndef OPENSSL_NO_COMP
-        if (in->compress_meth) {
-                cbuf = (unsigned char)in->compress_meth;
-                a.comp_id.length = 1;
-                a.comp_id.type = V_ASN1_OCTET_STRING;
-                a.comp_id.data = &cbuf;
-        }
-#endif
 
         a.master_key.length = in->master_key_length;
         a.master_key.type = V_ASN1_OCTET_STRING;
@@ -248,10 +236,6 @@ i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
                 M_ASN1_I2D_len_EXP_opt(&(a.tlsext_tick), i2d_ASN1_OCTET_STRING, 10, v10);
         if (in->tlsext_hostname)
                 M_ASN1_I2D_len_EXP_opt(&(a.tlsext_hostname), i2d_ASN1_OCTET_STRING, 6, v6);
-#ifndef OPENSSL_NO_COMP
-        if (in->compress_meth)
-                M_ASN1_I2D_len_EXP_opt(&(a.comp_id), i2d_ASN1_OCTET_STRING, 11, v11);
-#endif
 #ifndef OPENSSL_NO_PSK
         if (in->psk_identity_hint)
                 M_ASN1_I2D_len_EXP_opt(&(a.psk_identity_hint), i2d_ASN1_OCTET_STRING, 7, v7);
@@ -288,10 +272,6 @@ i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
                 M_ASN1_I2D_put_EXP_opt(&a.tlsext_tick_lifetime, i2d_ASN1_INTEGER, 9, v9);
         if (in->tlsext_tick)
                 M_ASN1_I2D_put_EXP_opt(&(a.tlsext_tick), i2d_ASN1_OCTET_STRING, 10, v10);
-#ifndef OPENSSL_NO_COMP
-        if (in->compress_meth)
-                M_ASN1_I2D_put_EXP_opt(&(a.comp_id), i2d_ASN1_OCTET_STRING, 11, v11);
-#endif
         M_ASN1_I2D_finish();
 }
 
@@ -480,16 +460,6 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
                 os.length = 0;
         } else
                 ret->tlsext_tick = NULL;
-#ifndef OPENSSL_NO_COMP
-        os.length = 0;
-        os.data = NULL;
-        M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 11);
-        if (os.data) {
-                ret->compress_meth = os.data[0];
-                free(os.data);
-                os.data = NULL;
-        }
-#endif
 
 
         M_ASN1_D2I_Finish(a, SSL_SESSION_free, SSL_F_D2I_SSL_SESSION);
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
index d84e45764e..0ba66cc89f 100644
--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_ciph.c,v 1.58 2014/07/09 14:20:55 jsing Exp $ */
+/* $OpenBSD: ssl_ciph.c,v 1.59 2014/07/10 08:51:15 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -142,9 +142,6 @@
 
 #include <stdio.h>
 #include <openssl/objects.h>
-#ifndef OPENSSL_NO_COMP
-#include <openssl/comp.h>
-#endif
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
@@ -175,8 +172,6 @@ static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
 #define SSL_COMP_ZLIB_IDX       1
 #define SSL_COMP_NUM_IDX        2
 
-static STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
-
 #define SSL_MD_MD5_IDX  0
 #define SSL_MD_SHA1_IDX 1
 #define SSL_MD_GOST94_IDX 2
@@ -645,81 +640,14 @@ ssl_load_ciphers(void)
         ssl_mac_secret_size[SSL_MD_SHA384_IDX]=
         EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]);
 }
-#ifndef OPENSSL_NO_COMP
-
-static int
-sk_comp_cmp(const SSL_COMP * const *a,
-    const SSL_COMP * const *b)
-{
-        return ((*a)->id - (*b)->id);
-}
-
-static void
-load_builtin_compressions(void)
-{
-        int got_write_lock = 0;
-
-        CRYPTO_r_lock(CRYPTO_LOCK_SSL);
-        if (ssl_comp_methods == NULL) {
-                CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
-                CRYPTO_w_lock(CRYPTO_LOCK_SSL);
-                got_write_lock = 1;
-
-                if (ssl_comp_methods == NULL) {
-                        SSL_COMP *comp = NULL;
-
-                        ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp);
-                        if (ssl_comp_methods != NULL) {
-                                comp = malloc(sizeof(SSL_COMP));
-                                if (comp != NULL) {
-                                        comp->method = COMP_zlib();
-                                        if (comp->method &&
-                                            comp->method->type == NID_undef)
-                                                free(comp);
-                                        else {
-                                                comp->id = SSL_COMP_ZLIB_IDX;
-                                                comp->name = comp->method->name;
-                                                sk_SSL_COMP_push(ssl_comp_methods, comp);
-                                        }
-                                }
-                                sk_SSL_COMP_sort(ssl_comp_methods);
-                        }
-                }
-        }
-
-        if (got_write_lock)
-                CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-        else
-                CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
-}
-#endif
 
 /* ssl_cipher_get_comp sets comp to the correct SSL_COMP for the given
  * session and returns 1. On error it returns 0. */
 int
 ssl_cipher_get_comp(const SSL_SESSION *s, SSL_COMP **comp)
 {
-        SSL_COMP ctmp;
-        int i;
-
-#ifndef OPENSSL_NO_COMP
-        load_builtin_compressions();
-#endif
-
         *comp = NULL;
-        if (s->compress_meth == 0)
-                return 1;
-        if (ssl_comp_methods == NULL)
-                return 0;
-
-        ctmp.id = s->compress_meth;
-        i = sk_SSL_COMP_find(ssl_comp_methods, &ctmp);
-        if (i >= 0) {
-                *comp = sk_SSL_COMP_value(ssl_comp_methods, i);
-                return 1;
-        }
-
-        return 0;
+        return 1;
 }
 
 int
@@ -1919,102 +1847,3 @@ SSL_CIPHER_get_id(const SSL_CIPHER *c)
 {
         return c->id;
 }
-
-SSL_COMP *
-ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
-{
-        SSL_COMP *ctmp;
-        int i, nn;
-
-        if ((n == 0) || (sk == NULL))
-                return (NULL);
-        nn = sk_SSL_COMP_num(sk);
-        for (i = 0; i < nn; i++) {
-                ctmp = sk_SSL_COMP_value(sk, i);
-                if (ctmp->id == n)
-                        return (ctmp);
-        }
-        return (NULL);
-}
-
-#ifdef OPENSSL_NO_COMP
-void *
-SSL_COMP_get_compression_methods(void)
-{
-        return NULL;
-}
-
-int
-SSL_COMP_add_compression_method(int id, void *cm)
-{
-        return 1;
-}
-
-const char *
-SSL_COMP_get_name(const void *comp)
-{
-        return NULL;
-}
-#else
-STACK_OF(SSL_COMP) *
-SSL_COMP_get_compression_methods(void)
-{
-        load_builtin_compressions();
-        return (ssl_comp_methods);
-}
-
-int
-SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
-{
-        SSL_COMP *comp;
-
-        if (cm == NULL || cm->type == NID_undef)
-                return 1;
-
-        /* According to draft-ietf-tls-compression-04.txt, the
-           compression number ranges should be the following:
-
-           0 to 63:    methods defined by the IETF
-           64 to 192:  external party methods assigned by IANA
-           193 to 255: reserved for private use */
-        if (id < 193 || id > 255) {
-                SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
-                    SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE);
-                return 1;
-        }
-
-        comp = malloc(sizeof(SSL_COMP));
-        if (comp == NULL) {
-                SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
-                    ERR_R_MALLOC_FAILURE);
-                return (1);
-        }
-        comp->id = id;
-        comp->method = cm;
-        load_builtin_compressions();
-        if (ssl_comp_methods &&
-            sk_SSL_COMP_find(ssl_comp_methods, comp) >= 0) {
-                free(comp);
-                SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
-                    SSL_R_DUPLICATE_COMPRESSION_ID);
-                return (1);
-        } else if ((ssl_comp_methods == NULL) ||
-            !sk_SSL_COMP_push(ssl_comp_methods, comp)) {
-                free(comp);
-                SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
-                    ERR_R_MALLOC_FAILURE);
-                return (1);
-        } else {
-                return (0);
-        }
-}
-
-const char *
-SSL_COMP_get_name(const COMP_METHOD *comp)
-{
-        if (comp)
-                return comp->name;
-        return NULL;
-}
-
-#endif
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index a5f2f3f751..765012e861 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.71 2014/07/10 08:18:55 bcook Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.72 2014/07/10 08:51:15 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1793,9 +1793,6 @@ SSL_CTX_new(const SSL_METHOD *meth)
         CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
 
         ret->extra_certs = NULL;
-        /* No compression for DTLS */
-        if (meth->version != DTLS1_VERSION)
-                ret->comp_methods = SSL_COMP_get_compression_methods();
 
         ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
 
@@ -2610,12 +2607,6 @@ ssl_clear_cipher_ctx(SSL *s)
                 s->aead_write_ctx = NULL;
         }
 
-#ifndef OPENSSL_NO_COMP
-        COMP_CTX_free(s->expand);
-        s->expand = NULL;
-        COMP_CTX_free(s->compress);
-        s->compress = NULL;
-#endif
 }
 
 /* Fix this function so that it takes an optional type parameter */
@@ -2645,7 +2636,6 @@ SSL_get_current_cipher(const SSL *s)
                 return (s->session->cipher);
         return (NULL);
 }
-#ifdef OPENSSL_NO_COMP
 const void *
 SSL_get_current_compression(SSL *s)
 {
@@ -2657,24 +2647,6 @@ SSL_get_current_expansion(SSL *s)
 {
         return (NULL);
 }
-#else
-
-const COMP_METHOD *
-SSL_get_current_compression(SSL *s)
-{
-        if (s->compress != NULL)
-                return (s->compress->meth);
-        return (NULL);
-}
-
-const COMP_METHOD *
-SSL_get_current_expansion(SSL *s)
-{
-        if (s->expand != NULL)
-                return (s->expand->meth);
-        return (NULL);
-}
-#endif
 
 int
 ssl_init_wbio_buffer(SSL *s, int push)
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 2b3d1b8e44..b3bc4f4ae4 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.56 2014/07/09 11:25:42 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.57 2014/07/10 08:51:15 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -153,9 +153,6 @@
 
 #include <openssl/opensslconf.h>
 #include <openssl/buffer.h>
-#ifndef OPENSSL_NO_COMP
-#include <openssl/comp.h>
-#endif
 #include <openssl/bio.h>
 #include <openssl/stack.h>
 #include <openssl/rsa.h>
@@ -547,15 +544,6 @@ struct ssl_aead_ctx_st {
         char variable_nonce_in_record;
 };
 
-#ifndef OPENSSL_NO_COMP
-/* Used for holding the relevant compression methods loaded into SSL_CTX */
-typedef struct ssl3_comp_st {
-        int comp_id;    /* The identifier byte for this compression type */
-        char *name;     /* Text name used for the compression type */
-        COMP_METHOD *method; /* The method :-) */
-} SSL3_COMP;
-#endif
-
 extern SSL3_ENC_METHOD ssl3_undef_enc_method;
 extern SSL_CIPHER ssl3_ciphers[];
 
@@ -685,8 +673,6 @@ long tls1_default_timeout(void);
 int dtls1_do_write(SSL *s, int type);
 int ssl3_read_n(SSL *s, int n, int max, int extend);
 int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
-int ssl3_do_compress(SSL *ssl);
-int ssl3_do_uncompress(SSL *ssl);
 int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
     unsigned int len);
 unsigned char *dtls1_set_message_header(SSL *s, unsigned char *p,
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index 7932f20151..b3dd3e6117 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.34 2014/06/21 20:27:25 tedu Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.35 2014/07/10 08:51:15 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -207,7 +207,6 @@ SSL_SESSION_new(void)
         ss->time = time(NULL);
         ss->prev = NULL;
         ss->next = NULL;
-        ss->compress_meth = 0;
         ss->tlsext_hostname = NULL;
 
         ss->tlsext_ecpointformatlist_length = 0;
@@ -233,7 +232,7 @@ SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
 unsigned int
 SSL_SESSION_get_compress_id(const SSL_SESSION *s)
 {
-        return s->compress_meth;
+        return 0;
 }
 
 /* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1
diff --git a/src/lib/libssl/ssl_txt.c b/src/lib/libssl/ssl_txt.c
index c06e2d23b7..25f2290290 100644
--- a/src/lib/libssl/ssl_txt.c
+++ b/src/lib/libssl/ssl_txt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_txt.c,v 1.21 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: ssl_txt.c,v 1.22 2014/07/10 08:51:15 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -182,22 +182,6 @@ SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
                         goto err;
         }
 
-#ifndef OPENSSL_NO_COMP
-        if (x->compress_meth != 0) {
-                SSL_COMP *comp = NULL;
-
-                if (!ssl_cipher_get_comp(x, &comp))
-                        goto err;
-
-                if (comp == NULL) {
-                        if (BIO_printf(bp, "\n    Compression: %d", x->compress_meth) <= 0)
-                                goto err;
-                } else {
-                        if (BIO_printf(bp, "\n    Compression: %d (%s)", comp->id, comp->method->name) <= 0)
-                                goto err;
-                }
-        }
-#endif
         if (x->time != 0) {
                 if (BIO_printf(bp, "\n    Start Time: %lld", (long long)x->time) <= 0)
                         goto err;