Hi, I found a bug in ssl session cache, please check it. SSL_CTX_session_remove trying to find the session in the cache and delete it but when calling SSL_SESSION_list_remove, in case that r != NULL the wrong session is sent to the function, instead of sending r which is the one that is in the cache c is been sent.
Thank. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]