Don't offer TLS compression by default

There is at least one server that will fail under some circumstances if the ClientHello offers a compression method other than null.

In OpenSSL 1.1.0 and 1.1.1, s_client will not offer any other compression methods unless the "-comp" option is provided. However, in earlier versions of OpenSSL, s_client will by default offer the DEFLATE compression method, however, this can be disabled using the "-no_comp" option.

This PR addresses the flaw in this server by having s_client_options() add a "-no_comp" option to the command line if "-no_comp" is supported and the test doesn't require offering compression.

Since run_crime() requires compression to be offered, run_crime() was changed to always add "-comp" to the command line, and then s_client_options() was changed to remove "-comp" from the command line, if that option isn't supported.

testssl.sh

@@ -316,6 +316,8 @@ HAS_PKEY=false
 HAS_NO_SSL2=false
 HAS_NOSERVERNAME=false
 HAS_CIPHERSUITES=false
+HAS_COMP=false
+HAS_NO_COMP=false
 HAS_ALPN=false
 HAS_NPN=false
 HAS_FALLBACK_SCSV=false
@@ -1620,6 +1622,20 @@ s_client_options() {
      # isn't needed for these versions of OpenSSL.)
      ! "$HAS_NO_SSL2" && options="${options//-no_ssl2/}"
 
+     # At least one server will fail under some circumstances if compression methods are offered.
+     # So, only offer compression methds if necessary for the test. In OpenSSL 1.1.0 and
+     # 1.1.1 compression is only offered if the "-comp" option is provided.
+     # OpenSSL 1.0.0, 1.0.1, and 1.0.2 offer compression unless the "-no_comp" option is provided.
+     # OpenSSL 0.9.8 does not support either the "-comp" or the "-no_comp" option.
+     if [[ " $options " =~ " -comp " ]]; then
+          # Compression is needed for the test. So, remove "-comp" if it isn't supported, but
+          # otherwise make no changes.
+          ! "$HAS_COMP" && options="${options//-comp/}"
+     else
+          # Compression is not needed. So, specify "-no_comp" if that option is supported.
+          "$HAS_NO_COMP" && options+=" -no_comp"
+     fi
+
      # If $OPENSSL is compiled with TLSv1.3 support and s_client is called without
      # specifying a protocol, but specifying a list of ciphers that doesn't include
      # any TLSv1.3 ciphers, then the command will always fail. So, if $OPENSSL supports
@@ -12723,11 +12739,8 @@ run_crime() {
           fi
      else
           [[ "$OSSL_VER" == "0.9.8"* ]] && addcmd="-no_ssl2"
-          if [[ $OSSL_VER_MAJOR.$OSSL_VER_MINOR == "1.1.0"* ]] || [[ $OSSL_VER_MAJOR.$OSSL_VER_MINOR == "1.1.1"* ]]; then
-               addcmd="-comp"
-          fi
           "$HAS_TLS13" && [[ -z "$OPTIMAL_PROTO" ]] && addcmd+=" -no_tls1_3"
-          $OPENSSL s_client $(s_client_options "$OPTIMAL_PROTO $BUGS $addcmd $STARTTLS -connect $NODEIP:$PORT $PROXY $SNI") </dev/null &>$TMPFILE
+          $OPENSSL s_client $(s_client_options "$OPTIMAL_PROTO $BUGS -comp $addcmd $STARTTLS -connect $NODEIP:$PORT $PROXY $SNI") </dev/null &>$TMPFILE
           sclient_connect_successful $? $TMPFILE
           sclient_success=$?
      fi
@@ -14942,6 +14955,12 @@ find_openssl_binary() {
      $OPENSSL s_client -ciphersuites -connect x 2>&1 | grep -aq "unknown option" || \
           HAS_CIPHERSUITES=true
 
+     $OPENSSL s_client -comp -connect x 2>&1 | grep -aq "unknown option" || \
+          HAS_COMP=true
+
+     $OPENSSL s_client -no_comp -connect x 2>&1 | grep -aq "unknown option" || \
+          HAS_NO_COMP=true
+
      OPENSSL_NR_CIPHERS=$(count_ciphers "$(actually_supported_ciphers 'ALL:COMPLEMENTOFALL' 'ALL')")
 
      for curve in "${curves_ossl[@]}"; do