Hi
while experimenting with SSL protocol extensions I think I found a newly
introduced bug. In fact there was a fault in an if-statement for a long
time and now it has been corrected. But I think the code is not compilant
with the SSL-3.0 spec, which reads:
"Forward compatibility note:
In t
Hi
I think I found a bug (which has no real effect) in d2i_SSL_SESSION().
In the code snippet below from my point of view the SSL3_VERSION should
read SSL3_VERSION_MAJOR or even 3 (literal)!
if ((ssl_version>>8) == SSL3_VERSION)
i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
Hi
I think there are 2 cosmetical bugs in v3_prn.c.
1.) The indentation of the v3 extension values is fix '12' instead of
'indent + 4'
2.) After the last multi-line extension value the '\n' should not
be printed
See attached a patch.
best regards
Matthias
__
