> [EMAIL PROTECTED] - Wed Nov 12 14:46:47 2008]: > > On Tue, Nov 11, 2008 at 12:09:55PM +0100, Stephen Henson via RT wrote: > > > OK, we'd need the generic extension part of the patch modified to > only > > override the session ticket extension. > > I replaced SSL_set_hello_extension() function with > SSL_set_session_ticket_ext() and renamed the related structures to use > less generic names. Please note that I left SSL_set_hello_extension() > into this version as a simple wrapper to make it easier to test this > with the current wpa_supplicant/hostapd implementation, but that can > obviously be removed when the patch goes in and I'll change > wpa_supplicant/hostapd to use OpenSSL version to select which calls to > use. >
OK, thanks. > > A companion callback to supply the details of the ticket extension > would > > be appropriate instead of using the debugging interface. > > Are you referring to the use of SSL_set_tlsext_debug_callback() in the > EAP-FAST server implementation? This was originally done with a new > SSL_set_hello_extension_cb(), but I removed the extra code when > session > ticket code was added to OpenSSL. Would you like to get the > SSL_set_hello_extension_cb() and related call from > ssl3_get_client_hello() to be included in the patch? > Well I'm assuming that there needs to be a way to obtain the ticket value the peer has sent. Although it is possible to use the debugging interface for that it then prevents it being used for anything else. Something like an SSL_set_session_ticket_cb() function which would call the supplied callback with the received ticket extension value. Functionally doing the same as the debug callback but for the ticket extension only. > > The indentation in that patch is also inconsistent with the rest of > OpenSSL. > > The attached version should clean up indentation to match with rest of > the code. > > Thank you. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]