[openssl-dev] [PATCH] Add support for minimum and maximum protocol version supported by a cipher
David Woodhouse
dwmw2 at infradead.org
Fri Jul 8 20:15:12 UTC 2016
On Fri, 2016-07-08 at 19:13 +0000, Viktor Dukhovni wrote:
>
> Perhaps rename dtls_ver_cmp() to dtls_ver_ordinal(), "cmp" suggests
> that you're actually doing a comparison.
Well, 'cmp' with one argument isn't *so* easily interpreted as a
comparison, but OK :)
I've also added a comment explaining a little about what's going on.
> Given this macro, one
> might consider complementing the versions, so that the ordinals
> compare in the usual way:
>
> #define dtls_ver_ordinal(v) (((v) == DTLS1_BAD_VER) ? 0x00ff : (0xffff ^ (v)))
I suppose we can, if someone feels strongly about it. It didn't seem
worth the additional churn.
One of 4 patches in https://github.com/openssl/openssl/pull/1296 which
actually make OpenConnect work again...
--
David Woodhouse Open Source Technology Centre
David.Woodhouse at intel.com Intel Corporation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5760 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160708/64b8ae6e/attachment-0001.bin>
More information about the openssl-dev
mailing list