Hello, "Stephen Henson via RT" <r...@openssl.org> wrote: |On Mon Dec 08 19:58:31 2014, sdao...@yandex.com wrote:
|> If people start using SSL_CONF_CTX as they are supposed to with |> v1.0.2, then it can be expected that users start using strings |> like, e.g. (from my thing), |> |> set ssl-protocol="ALL,-SSLv2" |If you print out the additional error data it should also indicate which |command and value it is objecting to, though it will only \ |say it doesn't like |the whole string and not the specific part of it it is rejecting. Oh i'm not complaining on that, error handling is always weird, and i think strings like error:140D00CF:SSL routines:SSL_write:protocol is shutdown are hard (not only to parse) for users but there is a lot of information for good in very few bytes; sad is Received SIGPIPE during IMAP operation IMAP write error: error:00000000:lib(0):func(0):reason(0) but as i think for most (Open)SSL related problems this is all my / our fault, users should not be bothered with that. Strings are intransparent for application programmers, but myriads of error enumerations can be too. Whatever. Regarding #3625: i think no user (that made it so far at first glance, which maybe even required buying a book and reading a lot!) would expect an error for saying "-SSLv2". But since it was an accidental oversight and the _OP_NO_SSLv2 is still defined (what i didn't even look for after reading the commit message) i think it'll be ok anyway once committed and this can be closed? Ciao, --steffen _______________________________________________ openssl-dev mailing list openssl-dev@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev
