On 05.09.2010, at 02:08, Stephen Henson via RT wrote: >> [[email protected] - Mon Aug 30 16:26:24 2010]: >> >> On Aug 27, 2010, at 2:32 PM, Stephen Henson via RT wrote: >> >>>> [[email protected] - Fri Aug 27 11:34:17 2010]: >>>> >>>> Unfortunately, there was newer code which was not yet covered by >> the >>>> patch. This caused an abbreviated handshake to fail. >>>> >>> >>> Applied now, thanks. >>> >>> Note that since we need to retain binary compatibility between 1.0.0 >> and >>> 1.0.1 we will need to either avoid having to add a new field to >> ssl.h or >>> move it to the end of the structure. >>> >>> As things are any application accessing a field after the new member >>> would misbehave. >> >> Do you need a patch which moves the "int renegotiate;" to the end of >> the struct for 1.0.1? >> > > No, I was just wondering if it was possible to achieve the same > functionality without adding any new fields to the SSL structure? For > example by adding flags or new values to the existing new_session field?
The latest patch was modified to maintain the previous values of new_session for legacy applications. We can either break compatibility of a few applications, if any, by adding a new field or by adding new values. I don't see any possibility to avoid this at all. -Robin ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
