This SSLeay/OpenSSL behaviour appears to be correct; from RFC 2246:
session_id_length
This field must have a value of either zero or 16. If zero, the
client is creating a new session. If 16, the session_id field
All (most?) similar cases clear the 'init' flag *after* having set up
the data structures appropriately, e.g. see ssl/s3_meth.c.
No locking should be needed because the assignments are idempotent.
__
OpenSSL Project
Sorry, the RFC 2246 quote was incorrect -- the value 16 is for
SSL 2.0 session IDs only, and the SSLeay/OpenSSL interpretation
indeed is buggy.
__
OpenSSL Project http://www.openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
[[EMAIL PROTECTED] - Thu Sep 19 12:11:15 2002]:
ljaenicke@lutz:~$ dpkg -l openssl
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err:
uppercase=bad)
||/ Name
Can anyone explain why this routine exists? When would you *not* want
this? Is there any reason not to, say, call those routines from within
EVP_PKEY_new ?
/r$
__
OpenSSL Project
Argh, you are right. When I tried to verify the problem. I only testet
the 0.9.6g binary but had the 0.9.6c libraries installed. So I assume,
the submitter of the bug made a similar mistake.
Sorry, to bug you.
Christoph
Am Don, 2002-09-19 um 15.23 schrieb Lutz Jaenicke via RT:
[[EMAIL
Argh, you are right. When I tried to verify the problem. I only testet
the 0.9.6g binary but had the 0.9.6c libraries installed. So I assume,
the submitter of the bug made a similar mistake.
Sorry, to bug you.
Christoph
Am Don, 2002-09-19 um 15.23 schrieb Lutz Jaenicke via RT:
[[EMAIL
Here is the patch for configuring-out the engine. This one should work; the
previous one had a single misplaced #ifndef. I've tested it both with and
without the no-engine option for the following platforms:
Cygwin
VC-WIN32 (dll and static)
VC-CE (dll and static)
Those of us who make heavy use of the crypto library, with a limited group
of algorithms and without SSL, would certainly not want this pulling in all
the algorithms every time we call EVP_PKEY_new.
Chris Brook
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On
All (most?) similar cases clear the 'init' flag *after* having set up
the data structures appropriately, e.g. see ssl/s3_meth.c.
Yes, SSLv3_client_method is the only one I saw which had init set in the
wrong place. I may have missed some.
No locking should be needed because the assignments
11 matches
Mail list logo