Some API mechanism is needed to allow "Warning" alerts to be sent. This is most obviously needed to allow the verify callback to send a warning to the peer. Calling ssl3_send_alert() directly works, but apparently is frowned upon since it is a private function.
-- Howard Chu Chief Architect, Symas Corp. Director, Highland Sun http://www.symas.com http://highlandsun.com/hyc Symas: Premier OpenSource Development and Support -----Original Message----- From: Lutz Jaenicke [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 10:51 AM To: Howard Chu Subject: Re: is the ssl3_send_alert() function public ( part of the API )? On Tue, Jul 16, 2002 at 10:35:38AM -0700, Howard Chu wrote: > Since alerts are defined by the SSLv3 spec this seems to be a glaring > omission from the exported API. In particular, there is no way for the > verify callback to send a warning to the other side without this function, > and simply making the callback return "not OK" results in a fatal > condition, instead of a warning. Hmm. Interesting suggestion. Some of the alerts must always be fatal according to the spec, but not all of them. I don't think that the application should ever send an alert itself (I think that it would mess up the complete control structure with respect to non-blocking etc.) It might however be possible to introduce some variable/flag that one can set inside the callback function. Currently only SUCCESS/FAIL can be signalled via the return value of the callback(). Of course, an addition like this one should be compatible with respect to the current API... Hmm. Maybe you should send a corresponding request to [EMAIL PROTECTED] such that the idea is recorded in the request tracker. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
