On Thu, May 20, 1999, [EMAIL PROTECTED] wrote:
> [...]
> > > The idea behind this is to make the ssl session id available so that other
> > > modules may use the ssl session id as a `key' into their own session table.
> > >
> > > + result = ap_psprintf(p, "%x%s",
>pSession->session_id[i],
> > > +
>result);
> > > [...]
> >
> > Is there a reason why you reverse the bytes?
> > I think it should be ``..."%s%x", result, pSessio..''.
>
> No. It really doesn't matter, to me, in what order the bytes are. So long
> as it's consistent of course. Are the bytes really reversed?
Yes, because you call the above in a loop where i counts from 0 to maximum and
in every iteration you append the _next_ element to the _head_ of "result", so
I think the result is the id but in reversed byte order. At least with my
variant I've now comitted for 2.3.0 the SSL_SESSION_ID which a "GET
/cgi-bin/printenv HTTP/1.0" prints through a "openssl s_client" connection is
identical to the string "openssl s_client" itself prints out while processing.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
