Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Clean up DTLS timer workaround to make it work with Debian OpenSSL, h…
…opefully The Debian libraries don't export dtls1_stop_timer() since it's supposed to be an internal function. But thankfully I think we can do it manually. This sucks; it means that a misguided attempt at restricting us has forced us into poking at even *more* internal stuff than we ever wanted to. Yay Debian. Try to make it slightly less insane by putting upper and lower bounds on the versions for which we'll do it: We know that OpenSSL 1.0.0e and above won't be resending the ChangeCipherSpec messages anyway, because of the fix for OpenSSL RT#2505. I'm dubious about that being the correct thing to do, but it's working and it matches the Cisco client so I'm going to try not to think about it too hard. Also stop *defining* SSL_OP_CISCO_ANYCONNECT for ourselves, and simply refuse to build DTLS support if it's absent. That patch is merged into OpenSSL long ago, so we are effectively requiring 0.9.8m or above. That version is, by coincidence, also the first version where our own dirty reimplementation of dtls1_stop_timer() is valid. If someone does backport the Cisco compatibility patch to even-more-ancient OpenSSL than that, they'd best make sure they backport the other fixes too. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
- Loading branch information
David Woodhouse
authored and
David Woodhouse
committed
Sep 15, 2011
1 parent
33178ed
commit 269a2e1
Showing
3 changed files
with
50 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters