On 06/02/2016 15:50, Rich Salz via RT wrote:
> Is this still a bug?
> --
> Rich Salz, OpenSSL dev team; rs...@openssl.org
>
>
I don't know; there have been many changes to the extension treatment.
I have not followed this stuff for 5 years.

The extension handling is not what I had in the original design and seems to be 
broken.

There was no split into two functions that communicate through
the session.

Some callbacks are done in the check loop (as far as I remember).
Unfortunately this split occurred almost in parallel to our contribution in 2006
when some EC stuff was added.

A correct logic is one single function (the code of check and parse combined)
that collects the values of extensions and then treats them and calls
callbacks in a defined order.

Actually it seems that you could influence the server behaviour if you change
the order of extensions in the ClientHello:
SNI first or last, for example.
That makes server application code difficult.

best



-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=2021
Please log in as guest with password guest if prompted

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
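
The single collect-then-dispatch function the message above argues for, sketched as an added example; it is not code from the message or from OpenSSL. All function and type names are hypothetical, and the sample extension blocks (with placeholder payload bytes) are constructed.

```c
#include <stddef.h>
#include <stdint.h>
/* Hypothetical names; not OpenSSL code. Type codes are the IANA values. */
enum { EXT_SNI = 0, EXT_EC_POINT_FORMATS = 11, EXT_SESSION_TICKET = 35 };
/* Callbacks fire in this order, whatever order the client sent. */
static const uint16_t ORDER[] = { EXT_SNI, EXT_EC_POINT_FORMATS, EXT_SESSION_TICKET };
enum { N_KNOWN = sizeof ORDER / sizeof ORDER[0] };
typedef struct { int present; const uint8_t *data; size_t len; } ext_slot;
typedef void (*ext_cb)(uint16_t type, const uint8_t *data, size_t len, void *arg);

/* Walk the block (type:2, length:2, data): collect first, dispatch afterwards.
 * Returns the number of callbacks run, or -1 on truncation or a duplicate. */
int process_extensions(const uint8_t *p, size_t n, ext_cb cb, void *arg)
{
    ext_slot slots[N_KNOWN] = {{0, 0, 0}};
    int fired = 0;
    while (n > 0) {                               /* pass 1: no callbacks here */
        if (n < 4) return -1;
        uint16_t type = (uint16_t)((p[0] << 8) | p[1]);
        size_t len = ((size_t)p[2] << 8) | p[3];
        p += 4; n -= 4;
        if (len > n) return -1;
        for (int i = 0; i < N_KNOWN; i++) {
            if (ORDER[i] != type) continue;
            if (slots[i].present) return -1;      /* duplicate extension */
            slots[i] = (ext_slot){ 1, p, len };
        }
        p += len; n -= len;                       /* unknown types are skipped */
    }
    for (int i = 0; i < N_KNOWN; i++)             /* pass 2: fixed order */
        if (slots[i].present) { cb(ORDER[i], slots[i].data, slots[i].len, arg); fired++; }
    return fired;
}

/* Tracing callback: appends the low byte of each type seen to *arg. */
static void trace_cb(uint16_t type, const uint8_t *d, size_t len, void *arg)
{
    (void)d; (void)len;
    *(uint32_t *)arg = (*(uint32_t *)arg << 8) | (type & 0xff);
}

/* Constructed samples: the same two extensions in opposite wire order. */
static const uint8_t SNI_FIRST[] = { 0,0, 0,1, 'x',  0,35, 0,0 };
static const uint8_t SNI_LAST[]  = { 0,35, 0,0,  0,0, 0,1, 'x' };
static const uint8_t SNI_TWICE[] = { 0,0, 0,0,  0,0, 0,0 };
/* Returns the callback sequence as packed bytes, or 0 if the block is rejected. */
uint32_t callback_order(const uint8_t *p, size_t n)
{
    uint32_t sig = 0xff;   /* sentinel so a leading type 0 stays visible */
    return process_extensions(p, n, trace_cb, &sig) < 0 ? 0 : sig;
}
```

Both sample blocks yield the same callback sequence, so application callbacks see SNI before the session ticket regardless of how the client ordered them.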