Hi,
I have several patches with bugfixes to engines/e_capi.c, as well as
some new functionality:
1) some memory/resource leaks in e_capi.c
ctx->cspname can be leaked in capi_ctx_set_provname()
hprov is leaked on error in capi_list_containers()
pname is leaked in capi_ctx_set_provname_idx()
2) enabling support for SHA256/SHA512
3) Allow multiple instantiations of the capi.dll
Before this patch on each instantiation of the CAPI ENGINE new OpenSSL
indexes were allocated for storing CAPI related information. On Windows
DLLs share memory, so this resulted in new values overwriting old values.
Later on, when (for example) CAPI context was retrieved in the CAPI ENGINE
instance 1, it was NULL and this was causing crashes. The fix is to only
instantiate indexes once.
Also some new features:
1) Added a new option to the CAPI ENGINE for controlling client
certificate use TLS
This patch adds a new CAPI ENGINE command called "ssl_client_cert_id"
for setting the name of the certificate (e.g. "friendly name" property)
to be used by client side TLS. This option allows suppressing GUI dialog
when only a single certificate with the specified name is present,
which is usually the case for non GUI applications (or services that have
a client component).
I believe all of the above apply to OpenSSL 1.0.0f.
What is the best place to submit these?
Best Regards,
Alexey
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
