On 23/04/15 15:04, Kamil Dudka wrote:
On Thursday 23 April 2015 14:11:25 Paul Howarth wrote:
On 22/04/15 17:42, Kamil Dudka wrote:
On Wednesday 22 April 2015 13:10:22 Paul Howarth wrote:
On 22/04/15 13:03, Kamil Dudka wrote:
If SSL_SetCanFalseStartCallback() is the newest introduced symbol
required
for the TLS False Start feature to work, we can add autoconf check for
the
presence of that symbol in NSS libs, and #ifdef the code based on the
result of that check. That would cover also the case where a downstream
maintainer cherry-picks the feature to an older version of NSS.
Works for me. I'm able to build with the attached patch, which should be
adaptable to being an autoconf-based one instead of a version-number
based one.
Paul.
Thanks for the patch! Do we still need the #ifdef for
SSL_ENABLE_FALSE_START if the code is already #idef-ed based on the NSS
version?
Only the ones within the NSS-version #ifdef (not all are), and only if
NSS upstream does not support building without TLS 1.2 support (I don't
know if this is the case or not).
Paul.
Even if NSS had an option to disable TLS 1.2, I believe it would not hide
the define of SSL_LIBRARY_VERSION_TLS_1_2. If TLS 1.2 was not implemented
by NSS, it would effectively disable the False Start feature but it should
not break the compilation.
Paul, could you please try the attached patch whether it works for you?
Builds OK for F-15 (OpenSSL build), F-16 (NSS 3.14.1), F-17 (NSS
3.14.3), F-18 (3.15.3), F-19 (NSS 3.17.2) and Rawhide. Looks good!
Paul.
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
