Il 17/10/2014 01:11, Salz, Rich ha scritto:
That will not work. You can do this: #ifdef SSL_MODE_SEND_FALLBACK_SCSV SSL_CTX_set_mode(ctx, SSL_MODE_SEND_FALLBACK_SCSV) #endifBut that is not the same thing. You cannot just slip SCSV into an application without code changes to the application and to openssl.
Yep, and the problem is that I control the application, not which OpenSSL version is installed. Therefore I wanted to future-proof my application, so when OpenSSL gets upgraded to a version which supports SSL_MODE_SEND_FALLBACK_SCSV, everything will work *without* also recompiling the application.
Thus: the manual #define and the call in all cases. I'm fine if it's a no-op if OpenSSL doesn't support SSL_MODE_SEND_FALLBACK_SCSV, the important thing is that it doesn't break anything...
Thanks, -- Giuseppe D'Angelo | giuseppe.dang...@kdab.com | Software Engineer KDAB (UK) Ltd., a KDAB Group company Tel. UK +44-1738-450410, Sweden (HQ) +46-563-540090 KDAB - Qt Experts - Platform-independent software solutions
smime.p7s
Description: Firma crittografica S/MIME
