[PATCH] bugfix: a single SSL record can't contain >16KiB, therefore we must loop when writing a larger buffer

David Woodhouse dwmw2 at infradead.org
Wed Nov 29 02:00:01 PST 2017


On Wed, 2017-11-29 at 01:36 -0800, Daniel Lenski wrote:
> As usual, you're right on all counts, in particular the *non-pedantic*
> bit about <= vs. <.

Right on all but *one* count, perhaps... I wasn't *actually* sorry :)

In general, I think the world is a better place for having grumpy
pedants maintaining our VPN clients and other security-sensitive pieces
of software.

Which brings me back to your outstanding GlobalProtect support. I'd
love to merge that. If I recall correctly, the only thing that really
stopped me from doing so last time was this kind of minor detail.

You've done excellent work in putting it all together, and it just
needs a little bit of cleanup.

One thing I find useful for my own development work is to get the patch
ready to send in my mailer and then actually *read* it before I hit
send. Look at every line in the email I'm about to send, and make sure
it makes sense to me as I look at it with fresh eyes. Psychologically,
having it in a mail composer and with my mouse hovering over the 'send'
button tends to give me a new perspective, and makes me see the things
that I'd passed over in the fog of "wtf is wrong... does this work...
ok that bit works but *now* what's wrong..."

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4938 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20171129/a9679abf/attachment.bin>


More information about the openconnect-devel mailing list