> [david.sm...@cern.ch - Tue Jun 23 11:06:26 2009]: > > Hello, > > The bug report over on the apache tracker: > > https://issues.apache.org/bugzilla/show_bug.cgi?id=46952 > > has been updated - there is a utility to generate a set of CA > certificates, which should allow one to reproduce the problem and more > information about when the failure has been seen. > > I also sent an analysis of the sequence of events leading up to the > problem; and a "trial" fix - meaning that I see that it does fix the > problem but I'd like the community's opinion on the approach. Could > some of the openssl developers follow the link and consider the > analysis and possibly the change? >
I agree with the analysis. An alternative normally would be to try and flush any pending data in the BIO state machine on subsequent I/O calls (i.e. including a subsequent read) but since there can be separate read and write bios in OpenSSL that's not guaranteed to work. Steve. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
