[EMAIL PROTECTED] wrote:
Hi,
Hello Mike,

The problem is that calling the
d2i functions with a length of 0 somehow corrupted
my TLS connection and I would get protocol errors
that required shutting down the connection.  Note
that the RSA and DSA objects are in no way connect-
ed to the TLS connection.  I modified my code to
only call the d2i functions when the length of the
key is non-zero, and the protocol errors have gone
away.

Without looking in the code I would think
the d2i_functions set an error code and the
SSL connection stumbles about it the next time
you do an SSL operation.

Try an ERR_clear_error() after an failed decode
and see if the SSL problem goes away...

On the long term it could be good for the SSL
structure to have an own error stack and
stumble only about errors that are in it...
But with that you would have to pass th pointer
to this stack to every function that is called
in the SSL protocol.

So seems to be a bad idea...

Bye

Goetz

--
DMCA: The greed of the few outweighs the freedom of the many

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to