On Fri, Jun 14, 2013, Bodo Moeller wrote: > On Thu, Jun 13, 2013 at 6:39 PM, Ben Laurie <b...@links.org> wrote: > > It is therefore suggested that I pull this patch: > > > > > > https://github.com/agl/openssl/commit/0d26cc5b32c23682244685975c1e9392244c0a4d > > > The behavior change applies only if new option > SSL_OP_SAFARI_ECDHE_ECDSA_BUG is used (part of SSL_OP_ALL), as is standard > for interoperability bug workarounds, so while it is very unfortunate that > we'd need to do this, I'm in favor of accepting this patch.
Note that the patch changes the value of SSL_OP_ALL so if OpenSSL shared libraries are updated to include the patch existing applications wont set it: they'd all need to be recompiled. Possibly alternative is to reuse one of the existing *ancient* flags. Does anyone really care about compatibility with a bug in SSLeay 0.80 for example? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
