In article <[EMAIL PROTECTED]> you wrote:
> Ralf S. Engelschall wrote:
>>
>> In article <[EMAIL PROTECTED]> you wrote:
>> > Ralf S. Engelschall wrote:
>> >> In article <[EMAIL PROTECTED]> you wrote:
>> >> > Ralf S. Engelschall wrote:
>> >> >> In short, this (the s_server approach) works:
>> >> >>
>> >> >> ctx = SSL_CTX_new(...);
>> >> >> SSL_CTX_set_tmp_rsa_callback(ctx, ...);
>> >> >> SSL_CTX_use_certificate(ctx, ...);
>> >> >> ssl = SSL_new(ctx);
>> >> >> /* now ssl->cert contains the callbacks for the RSA temp key */
>> >> >>
>> >> >> while this (the mod_ssl approach) fails:
>> >> >>
>> >> >> ctx = SSL_CTX_new(...);
>> >> >> SSL_CTX_set_tmp_rsa_callback(ctx, ...);
>> >> >> ssl = SSL_new(ctx);
>> >> >> SSL_use_certificate(ssl, ...);
>> >[...]
> Isn't this pointless? Unless you have a cert, any key you set on this
> (empty) cert will get blown away when you do set a cert. Presumably
> setting a temp key should be an error if you have no cert set.
What makes you think that the settings are blown away by
SSL_use_certificate and friends? These functions already have checks like ``if
((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert))'' which
prevent them from blowing away the settings, Ben.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]