There's no good reason for SSL_shutdown() to ever return a value of 0.
The attached patch simplifies things.
--- openssl-1.0.1-beta3-0orig/ssl/s3_lib.c 2012-02-10 12:08:49.0
-0800
+++ openssl-1.0.1-beta3/ssl/s3_lib.c2012-03-02 11:19:53.847954000 -0800
@@ -4112,7 +4112,7 @@
Some minor updates to the openssl.spec: wrapping ifarch around the various lib
dirs to get the right files in the right places.
See attached diff
Some minor updates to the openssl.spec: wrapping ifarch around the various lib dirs to get the right files in the right places.See attached diff
I'd like to request moving the static function get_issuer_sk higher in the
x509_vf.c file, to permit it's use by other functions in the file, such as:
int X509_verify_cert(X509_STORE_CTX *ctx)
Attached is the patch that simply moves the function's declaration higher up in
the file.
I'll
[var...@yahoo.com - Sat Mar 03 13:23:18 2012]:
I'll submit another request related to why I want this done; but the
move itself should be OK, I think. [I would like to be able to
check the trusted store for any matching issuer when building the
client-verification chain. This
[sebast...@breakpoint.cc - Fri Mar 02 08:55:25 2012]:
* Stephen Henson via RT | 2012-02-27 17:43:48 [+0100]:
According to our records, your request has been resolved. If you have any
further questions or concerns, please respond to this message.
Is there a commit id or patch somewhere
[stkap...@cisco.com - Fri Feb 10 16:40:08 2012]:
I have verified with a new build that I was able to connect WITHOUT
forcing the TLS version. So the changes worked in my tests.
OK, thanks for the update, ticket resolved.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.