Guenter Knauf wrote:
Hi,
On Dec 14, 2007, at 12:52 PM, William A. Rowe, Jr. wrote:
Jim Jagielski wrote:
Anyone opposed to us shooting for a T&R early next week?
If we can get a couple of security-related-but-not-really patches
committed to 2.0 I'd like to see that as well. I'm offering,
Sure... that would be great. Another three-for-all :)
From what I can see, both 1.3 and 2.2 are backport
free, so it's just 2.0 right now.
any chance we can get this simple patch in to correct a type mismatch
which bothers me all the time when compiling with OpenSSL 0.9.8 on NetWare?
http://people.apache.org/~fuankg/diffs/ssl_scache_shmht.c.diff
--- ssl_scache_shmht.c.orig Wed Jul 12 09:40:56 2006
+++ ssl_scache_shmht.c Sun Nov 25 17:32:58 2007
@@ -198,7 +198,7 @@
SSLModConfigRec *mc = myModConfig(s);
void *vp;
SSL_SESSION *sess = NULL;
- UCHAR *ucpData;
+ MODSSL_D2I_SSL_SESSION_CONST UCHAR *ucpData;
int nData;
time_t expiry;
time_t now;
@@ -223,7 +223,7 @@
return NULL;
}
memcpy(&expiry, vp, sizeof(time_t));
- memcpy(ucpData, (char *)vp+sizeof(time_t), nData);
+ memcpy((void *)ucpData, (char *)vp+sizeof(time_t), nData);
ssl_mutex_off(s);
/* make sure the stuff is still not expired */
Are you certain (void *)ucpData cast is actually useful? I was pretty
certain memcpy is more tolerant than that.
About the rest of it, +1
Bill