Arne Ansper wrote:
> > > 5) crypto/err/err.c ERR_get_state has static variable fallback. this
> > > should be initalized before returning pointer to it.
> >
> > As far as I can see it is only used when allocation fails. In this case,
> > what should it be initialised to?
>
> at least top and bottom must cleared.
>
> --- err.c.org Tue Jan 5 08:06:18 1999
> +++ err.c Tue Jan 5 08:09:52 1999
> @@ -539,6 +539,9 @@
> int i;
> unsigned long pid;
>
> + fallback.pid= 0;
> + fallback.top= 0;
> + fallback.bottom= 0;
> pid=(unsigned long)CRYPTO_thread_id();
>
> CRYPTO_r_lock(CRYPTO_LOCK_ERR);
Since it is a static, they will already be clear.
> > > 8) ssl/s2_pkt.c and ssl/s3_pkt.c write_pending and
> > > ssl3_write_pending have unnecessary check at the beginning which stops
> > > me from moving data around in my buffers between calls to SSL_write.
> > > this data is already copied to internal buffers and there is no need
> > > for this check. i tested ssleay without this check (non-blocking
> > > sockets and stuff) under various platforms and everything worked as
> > > expected.
>
> > I'm reluctant to commit this. It seems to me that you need to find a way
> > to fix things up if you move data around (why do you do that anyway?).
>
> ok i try to make little example:
>
> /* s is non-blocking SSL socket which is full: i.e. write will fail with
> EAGAIN */
> int f(SSL* s)
> {
> char a[3];
>
> a[0]= 'a';
> SSL_write(s, a, 1); /* returns -1 */
>
> /* now i have a complete SSL record somewhere inside s, which is
> not sent */
>
> sleep(1000); /* wait and let the socket drain */
> a[1]= 'b';
> SSL_write(s, a, 2);
>
> /* this call will now fail with bad write retry, but instead
> it should write the previous record into socket, mark 1 byte as
> written (this is done in ssl3_write_bytes), create another record
> from remainig byte and try to write it into socket. and then if
> last write succceds report 2 bytes written if write fails then
> none.
>
> if i remove the check then this function works as i just
> described */
> }
>
> btw, in SSLeay 0.9.0 this check is marked with /* XXX */ -- looks like
> some kind of todo marker.
I see. I'll look at it again.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Ghandi
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
