Re: [openssl.org #170] OpenSSLDie not exported in Win32

[Jeffrey Altman via RT]

> OK, I don't understand why it needs to be exported - isn't it internal 
> to the library? But assuming it does, I prefer the original suggestions 
> (i.e. move the declaration of OpenSSLDie()).

It needs to be exported because the function is defined in
libeay32.dll and used in ssleay32.dll on Windows.

Now the choices as I see it are:

 . export the function.  which I have done in order to get the
   code to compile and link on Windows, or

 . remove the call entirely and instead simply have OpenSSL return
   an error to the application as is done with other length checks

For example, in ssl_sess.c ssl_get_new_session() the error
SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH is returned if tmp >
ss->session_id_length.  I don't see why we need to call abort() (via
die()) if s->sid_ctx_length > sizeof ss->sid_ctx.



 Jeffrey Altman * Sr.Software Designer     Kermit 95 2.0 GUI available now!!!
 The Kermit Project @ Columbia University  SSH, Secure Telnet, Secure FTP, HTTP
 http://www.kermit-project.org/            Secured with MIT Kerberos, SRP, and 
 [EMAIL PROTECTED]               OpenSSL.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]