Hi,
I had posted a query about using the SSL_CTX_set_tmp_rsa/dsa_cb(...).
I was using the callback so that i'd generate a new ephemeral key for
every session.
The impression i got from the reply was that instead of setting the
callback and generating\selecting a key during SSL_accept, I can at
startup generate ephemeral keys at startup and set them into SSL_CTX
using SSL_CTX_set_tmp_rsa/dsa(...). This did solve my leaks problem
but I am wondering if it is safe to be using the same ephemeral keys
all through the run of the application (i.e across probably thousands of
sessions).
And btw using the callback for ephemeral keys still causes memory to
leak.
Thanks,
Amit.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
