Brian Long wrote:
> On Fri, 2006-01-27 at 15:23 +0100, Stephen Henson via RT wrote:
>> Note that some TLS extension code has recently been committed to the
>> HEAD (0.9.9-dev). So if this is to be included into OpenSSL it would
>> have to work with that.

> Is it true that openssl-0.9.7 and 0.9.8 are frozen with regards to
> features like TLS extensions?

The message above means that there's no way a patch that's different and
incompatible with the one in 0.9.9 will be included. Not more than that.
This will never get inside 0.9.7, that's certain.

But I think the door is not completely closed on it getting inside an
evolution of 0.9.8.
0.9.8 is really recent as far as openssl development goes, 0.9.9 is a
really far perspective, so I think we *could* get in a situation where a
convincing case could be presented to the openssl team that this feature
is important enough to deserve to be back-ported and integrated in the
stable release.
But only if the code gets really stable and the change does not impact
too much of 0.9.8.
> For example, Red Hat Enterprise Linux 4 was released almost 1 year ago
> and includes 0.9.7a plus all the security patches issue over the last
> year. If I need the TLS extension patch officially supported by Red
> Hat, it would have to come from "upstream" -- your group -- or they
> would have to support it as a one-off patch. I was hoping your group
> would accept it, but it appears your efforts are concentrated on 0.9.9-
> dev.

Please check how your patch compares to the one that's in 0.9.9, if it
brings something useful to it and in that case submit the enhancements
to the 0.9.9 version.
Then see how to create a patch based on the 0.9.9 version (and on any
enhancement you could find), but that applies to 0.9.8.
Then there's a chance in the future, RHEL 5 with 0.9.8 will some day
include it.

__________________________________________________ ____________________
OpenSSL Project
Development Mailing List
Automated List Manager