On 12/06/15 09:52, Tomas Mraz wrote: > On Pá, 2015-06-12 at 11:49 +0300, Timo Teras wrote: >> On Fri, 12 Jun 2015 11:27:42 +0300 >> Timo Teras <[email protected]> wrote: >> >>> On Thu, 11 Jun 2015 21:09:59 -0400 >>> Dan McDonald <[email protected]> wrote: >>> >>>> >>>>> On Jun 11, 2015, at 9:07 PM, Dan McDonald <[email protected]> >>>>> wrote: >>>>> >>>>> typedef struct hmac_ctx_st { >>>>> const EVP_MD *md; >>>>> EVP_MD_CTX md_ctx; >>>>> EVP_MD_CTX i_ctx; >>>>> EVP_MD_CTX o_ctx; >>>>> unsigned int key_length; >>>>> unsigned char key[HMAC_MAX_MD_CBLOCK]; >>>>> + int key_init; >>>>> } HMAC_CTX; >>>> >>>> A cheesy, but binary compatible, fix might be: >>>> >>>> typedef struct hmac_ctx_st { >>>> const EVP_MD *md; >>>> EVP_MD_CTX md_ctx; >>>> EVP_MD_CTX i_ctx; >>>> EVP_MD_CTX o_ctx; >>>> unsigned int key_init:1; /* Ewww, cheesy use of bitfields... */ >>>> unsigned int key_length:31; /* but the sizeof (HMAC_CTX) doesn't >>>> change! */ unsigned char key[HMAC_MAX_MD_CBLOCK]; >>>> } HMAC_CTX; >>> >>> Why is separate key_init needid? Could we not use md!=NULL or >>> key_length!=0 checks to see if the context is initialized? >> >> Seems it'd be along with the line to just use key_length instead. > > Yes, this needs to be reverted and key_length or some other workaround > used instead. I had a hope that breaking ABI compatibility on 1.0.x > branches is no-go. >
Breaking ABI compatibility on 1.0.x is (supposed to be) a no-go. We're just debating what the appropriate response is to this issue. Matt _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
