Gentlefolk,
Here's a few problems I've encountered so far with openssl.
(1)
In bn_lcl.h, definitions of BN_MULL_SIZE_NORMAL, etc.
My AIX C compiler is not happy with the double slashes.
Are these supposed to be C++ comments? That's what I
told my C compiler they were (AIX option), but maybe I
lucked out since I'm using RSAREF and probably wouldn't
be executing any of this code.
(2)
In s_server.c, the call to SSL_load_client_CA_file uses
the wrong file. It works a lot better if CAfile is used
instead of the client's certificate (s_cert_file).
(3)
Really a mod_ssl problem, I reckon. Anyway, on my system
the session cache dbm files in apache-path/var/run
were created readable by everyone. This doesn't seem like
a particularly splendid idea unless you trust all users on
the system.
Eric Norman
University of Wisconsin
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
