I see that we've used up all 32 bits of options in the SSL structure. Any
thought given on how to extend that? A 64-bit long long seems simplest, but
might have issues with some of your older platforms.
/r$
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
On Thu, Feb 14, 2013, Salz, Rich wrote:
I see that we've used up all 32 bits of options in the SSL structure. Any
thought given on how to extend that? A 64-bit long long seems simplest,
but might have issues with some of your older platforms.
OpenSSL 1.0.2 has added an extra cert_flags
OpenSSL 1.0.2 has added an extra cert_flags field as part of the CERT
structure. Adding things to
CERT has the advantage that it is one of the few structures in the ssl
library that has always been opaque.
And so do you change the options from a raw hex number (0x08000 etc) to a
bitnumber