On 2012-10-06 02:27:45, Adam Conrad wrote:
> Rejecting for now, based on the diff, until someone explains to me why
> the upstream commit adds the same code block to two files (s3_clnt.c and
> s23_clnt.c), but the Ubuntu patch only swaps the get_version call to
> get_client_version in one of them (s23_clnt.c). This feels wrong to me,
> but maybe there's a valid reason for it?
There's a reason, but I'm not sure if it is actually valid:
That's how it is in Precise.
I mentioned that s3_clnt.c should probably be changed to
TLS1_get_client_version() in this bug description and the patch that I
proposed to upstream in rt #2881 does make that change. But since
upstream hasn't commented and things seem to be working ok in Precise, I
don't want to rock the boat too much at this point.
FWIW, I did switch ssl3_client_hello() over to use
TLS1_get_client_version() and all of the test results above were the
same. So I'm ok with making the change, but I'd rather not at this
point.
On 2012-10-06 02:27:45, Adam Conrad wrote:
> Rejecting for now, based on the diff, until someone explains to me why
> the upstream commit adds the same code block to two files (s3_clnt.c and
> s23_clnt.c), but the Ubuntu patch only swaps the get_version call to
> get_client_version in one of them (s23_clnt.c). This feels wrong to me,
> but maybe there's a valid reason for it?
There's a reason, but I'm not sure if it is actually valid:
That's how it is in Precise.
I mentioned that s3_clnt.c should probably be changed to client_ version( ) in this bug description and the patch that I
TLS1_get_
proposed to upstream in rt #2881 does make that change. But since
upstream hasn't commented and things seem to be working ok in Precise, I
don't want to rock the boat too much at this point.
FWIW, I did switch ssl3_client_hello() over to use client_ version( ) and all of the test results above were the
TLS1_get_
same. So I'm ok with making the change, but I'd rather not at this
point.