> [steve - Fri Jun 26 17:06:22 2009]:
> 
> > [jor...@redhat.com - Fri Jun 26 13:52:18 2009]:
> > 
> > On Thu, Jun 25, 2009 at 06:05:08PM +0200, Stephen Henson via RT wrote:
> > >
> > > I agree with the analysis.
> > 
> > Do you also agree with David's proposal to change the calls to
> > BIO_ctrl(, BIO_CTRL_INFO, ) into BIO_wpending() in ssl/*.c?  It seems
> > to
> > make sense to me.
> > 
> 
> Yes, I've applied it to all branches now. Many thanks David. Ticket
> resolved.
> 

Just a postscript to the issue. The above minimal fix was applied to
OpenSSL but the lack of a corresponding Apache fix has resulted in some
problems, not least of which is renegotiation not working because the
server hello request is not flushed.

As a result the OpenSSL change has been updated to call BIO_CTRL_INFO
and if that returns zero BIO_CTRL_WPENDING. This should now cover all cases.

Steve.
-- 
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to