On Fri, Mar 18, 2005 at 06:02:06PM +0100, Lutz Jaenicke wrote:
> > I could void the warranty by:
> >
> > #ifdef DONT_TRY_THIS_AT_HOME
> > X509_free(session->peer);
> > session->peer = 0;
> > #endif
> > buflen = i2d_SSL_SESSION(session, 0);
> > ...
> >
> > but I don't believe that I am supposed to bypass the accessor methods
> > and mess with the SSL_SESSION structure directly...
>
> But you have found the only way to handle the problem. There is no
> official API to achieve the same effect :-)
>
If I take the shortcut, will I get into trouble with future releases?
Is any sort of binary compatibility for shared libraries from version
A.B.C to X.Y.Z with suitable constraints on (A,B) and (X,Y) contemplated
for OpenSSL?
A few macros already depend on structure offsets, but only for the
SSL context, not SSL or SSL_SESSION:
#define SSL_CTX_sess_set_new_cb(ctx,cb) ((ctx)->new_session_cb=(cb))
#define SSL_CTX_sess_get_new_cb(ctx) ((ctx)->new_session_cb)
#define SSL_CTX_sess_set_remove_cb(ctx,cb) ((ctx)->remove_session_cb=(cb))
#define SSL_CTX_sess_get_remove_cb(ctx) ((ctx)->remove_session_cb)
#define SSL_CTX_sess_set_get_cb(ctx,cb) ((ctx)->get_session_cb=(cb))
#define SSL_CTX_sess_get_get_cb(ctx) ((ctx)->get_session_cb)
#define SSL_CTX_set_info_callback(ctx,cb) ((ctx)->info_callback=(cb))
#define SSL_CTX_get_info_callback(ctx) ((ctx)->info_callback)
#define SSL_CTX_set_client_cert_cb(ctx,cb) ((ctx)->client_cert_cb=(cb))
#define SSL_CTX_get_client_cert_cb(ctx) ((ctx)->client_cert_cb)
So would it be wise or foolish to use session->peer in (say for example
:-) the Postfix source code?
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
