On 2012-10-06 02:27:45, Adam Conrad wrote: > Rejecting for now, based on the diff, until someone explains to me why > the upstream commit adds the same code block to two files (s3_clnt.c and > s23_clnt.c), but the Ubuntu patch only swaps the get_version call to > get_client_version in one of them (s23_clnt.c). This feels wrong to me, > but maybe there's a valid reason for it?
There's a reason, but I'm not sure if it is actually valid: That's how it is in Precise. I mentioned that s3_clnt.c should probably be changed to TLS1_get_client_version() in this bug description and the patch that I proposed to upstream in rt #2881 does make that change. But since upstream hasn't commented and things seem to be working ok in Precise, I don't want to rock the boat too much at this point. FWIW, I did switch ssl3_client_hello() over to use TLS1_get_client_version() and all of the test results above were the same. So I'm ok with making the change, but I'd rather not at this point. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1051892 Title: [Quantal] Regression in TLS 1.2 workarounds To manage notifications about this bug go to: https://bugs.launchpad.net/openssl/+bug/1051892/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs