Lutz Jaenicke via RT wrote:
[[EMAIL PROTECTED] - Fri Jan 3 08:21:38 2003]:
When a non-blocking SSL_accept() returns -1 with SSL_ERROR_WANT_READ
or
SSL_ERROR_WANT_WRITE set, the appropriate thing to do is to call
SSL_accept() again.
This is fine, but the current state machine in ssl3_accept() doesn't
seem to keep track of the fact that the callback may have succeeded
already, causing the callback to be called again when SSL_accept() is
retried.
Is there some way around this that I'm missing? If not, wouldn't it
be
desirable to add something like this to the state machine in
ssl3_accept()?
I'm sure there are some cases where the callback should be called
again
(renegotiations, for example).
Any ideas?
You are talking of the verify callback?
Yes, the client verify_callback.
Thanks,
-John
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
