On Sun, Apr 22, 2012 at 04:13:03PM -0400, Wietse Venema wrote:
> > On Sun, Apr 22, 2012 at 03:28:43PM -0400, Wietse Venema wrote:
> >
> > > Why do we need to have (expr & TLS_KNOWN_PROTOCOLS) in the code
> > > in the first place? If we get rid of it, then we don't have to
> > > rush out patches each time the OpenSSL team comes out with a
> > > new incompatible protocol.
> >
> > The "TLS_KNOWN_PROTOCOLS" bits are a Postfix tls.h feature, there
>
> Yes, but do we need this? Otherwise I'll rip this out and avoid
> the need to rush out five inter-operability patches each time
> that the OpenSSL team enriches our lives with another protocol.
When OpenSSL adds new protocols we still need new code to support
exclusion of new protocols. Nothing in "TLS_KNOWN_PROTOCOLS" changes
that.
The "TLS_KNOWN_PROTOCOLS" bitmask supports conversion of:
smtp_tls_protocols = TLSv1
to the equivalent (for Postfix 2.9 or earlier)
smtp_tls_protocols = !SSLv2, !SSLv3
With Postfix 2.10 (patched as proposed), the equivalent exclusion
form is:
smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1_1, !TLSv1_2
so the mapping from a set to its complement, naturally depends on
the universal set at hand.
Dropping the inclusion syntax creates a backwards compatibility
problem.
I am not sure why you feel there is an imperative to drop it. If
we don't want to implement features to disable new protocols, we
don't need to make any code changes. If we do want to allow
control over new protocols, we need new code, with our without
TLS_KNOWN_PROTOCOLS.
--
Viktor.
