Re: [openssl-dev] Clear X509 OBJECT cache

2016-07-20 Thread Patel, Anirudh (Anirudh)
ncoming connection? If yes, please tell me the API which can do this. Thanks, Anirudh -Original Message- From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Wednesday, July 20, 2016 7:42 PM To: openssl-dev@openssl.org Subject: Re: [openssl-de

Re: [openssl-dev] Clear X509 OBJECT cache

2016-07-20 Thread Dr. Stephen Henson
On Wed, Jul 20, 2016, Dr. Stephen Henson wrote: > On Wed, Jul 20, 2016, Patel, Anirudh (Anirudh) wrote: > > > "X509_LOOKUP_hash_dir is a more advanced method, which loads certificates > > and CRLs on demand, and caches them in memory once they are loaded. As of > > OpenSSL 1.0.0, it also checks

Re: [openssl-dev] Clear X509 OBJECT cache

2016-07-20 Thread Dr. Stephen Henson
On Wed, Jul 20, 2016, Dr. Stephen Henson wrote: > On Wed, Jul 20, 2016, Dr. Stephen Henson wrote: > > > On Wed, Jul 20, 2016, Patel, Anirudh (Anirudh) wrote: > > > > > "X509_LOOKUP_hash_dir is a more advanced method, which loads certificates > > > and CRLs on demand, and caches them in memory o

Re: [openssl-dev] Clear X509 OBJECT cache

2016-07-20 Thread Dr. Stephen Henson
On Wed, Jul 20, 2016, Patel, Anirudh (Anirudh) wrote: > "X509_LOOKUP_hash_dir is a more advanced method, which loads certificates > and CRLs on demand, and caches them in memory once they are loaded. As of > OpenSSL 1.0.0, it also checks for newer CRLs upon each lookup, so that newer > CRLs are a

[openssl-dev] Clear X509 OBJECT cache

2016-07-20 Thread Patel, Anirudh (Anirudh)
Hi, This is related to the X509 store cache (had a similar ticket openssl.org #4615 which I guess has already become stale). But, I believe that the documentation regarding X509_LOOKUP_hash_dir is not at all clear and is quite misleading: >From the manual page: >X509_LOOKUP_hash_dir