[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-dev
Subject:    Re: Using SSL_clear to reuse SSL object
From:       moeller () cdc ! informatik ! tu-darmstadt ! de (Bodo Moeller)
Date:       2002-02-27 16:27:32
[Download RAW message or body]

Yoram Zahavi <YoramZ@gilian.com> in epsilon.openssl.dev:

> Thanks for the explanation, I liked the SSL_set_session(s, NULL) usage. Any
> reasons for calling it *before* SSL_clear(s) ?
> I think you better call it after the call to SSL_clear(s). Otherwise, the
> current session is already freed by SSL_set_session(s, NULL), and cannot be
> referenced by SSL_clear(s) for caching considerations.

Good point.  My reason for calling SSL_set_session(s, NULL) first was
that otherwise SSL_clear(s) would not reset the method pointer (i.e.,
the protocol version).  But you are right, and

     SSL_clear(s);
     SSL_set_session(s, NULL);

should be OK: In this case, SSL_set_session() will reset the method
pointer.


-- 
Bodo Möller <moeller@cdc.informatik.tu-darmstadt.de>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]