From: Richard Levitte <[email protected]>

> sms>    I was thinking more like:
> [...]
> sms>          if (cipher)
> sms>                  {
> sms>                  if (strcmp( cipher, "PSK"))
> sms>                          {
> sms>                          BIO_printf(bio_err,
> sms>                           "JPAKE sets cipher to PSK\n");
> sms>                          goto end;
> sms>                          }
> sms>                  }
> sms>          else
> sms>                  {
> sms>                  cipher = "PSK";
> sms>                  }
> sms>          }
> sms> #endif
> 
> That's functionally the same, isn't it?

   Not if "cipher" was already set to "PSK" before arriving here. 
As-was, if "cipher" was non-NULL, you got the fatal error.  My way is
intended to allow "cipher" to be previously set to "PSK", not only unset
to anything (NULL).

> ... and writing an internal application library that takes care of the
> diversity, yeah I'm with you there.

   With a lot of work, someone could make a regular program out of this
thing.

> s_client is basically supposed to work like telnet (minus the telnet
> features plus the ssl features), so it's not much of a surprise that
> it gives you as much a prompt as telnet does.

   Does Telnet do local echoing of victim input?

> I find it weird that the particular \n there would fail...  isn't that
> something that C library is supposed to deal with properly?  Of
> course, s_client uses BIO_printf(), but that one in turn uses the
> usual C library...  so it's to wonder why \n wouldn't work in that
> particular spot.  I'll have to see if I can reproduce it.

   There's a lot of fine print.  As usual, everything's complicated.

------------------------------------------------------------------------

   Steven M. Schweda               sms@antinode-info
   382 South Warwick Street        (+1) 651-699-9818
   Saint Paul  MN  55105-2547
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]

Reply via email to