Update information as a partial response to the post
authorLutz Jänicke <jaenicke@openssl.org>
Fri, 12 Oct 2001 12:29:16 +0000 (12:29 +0000)
committerLutz Jänicke <jaenicke@openssl.org>
Fri, 12 Oct 2001 12:29:16 +0000 (12:29 +0000)
commit56fa8e69cf1e742da8087de60152519127c79983
treeaa026c22408adb0da69eecf11396115a26322396
parent67d0738aba4988a239d57f6cd7aa36cf27df1f92
Update information as a partial response to the post
  From: "Chris D. Peterson" <cpeterson@aventail.com>
  Subject: Implementation Issues with OpenSSL
  To: openssl-users@openssl.org
  Date: Wed, 22 Aug 2001 16:13:17 -0700
The patch included in the original post may improve the internal session
list handling (and is therefore worth a seperate investigation).
No change to the list handling will however solve the problems of incorrect
SSL_SESSION_free() calls. The session list is only one possible point of
failure, dangling pointers would also occur for SSL object currently
using the session. The correct solution is to only use SSL_SESSION_free()
when applicable!
doc/ssl/SSL_CTX_sess_set_get_cb.pod
doc/ssl/SSL_SESSION_free.pod
doc/ssl/SSL_get_session.pod
doc/ssl/SSL_set_session.pod
doc/ssl/d2i_SSL_SESSION.pod