Hey!
SSL_set_app_data() is a macro that actually uses the SSL_set_ex_data()
function. SSL_set_ex_data() returns an int.
Yet, the docs say SSL_set_app_data() returns void. I'd suggest a fix for this
like the following.
diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod
index 589fc2d..ac2664d 100644
On Wed, 11 May 2016, Stephen Henson via RT wrote:
> I've pulled the latest curl using git and OpenSSL master. I had to make one
> minor change to curl to get it to compile. I can't reproduce the problem
> with test 313: it seems to work fine. I've tried it using the verify utility
> and s_serrv
Hey,
In curl we call ENGINE_cleanup() as part of our OpenSSL specific cleanup
function. When I do this with OpenSSL from git master as of right now
(OpenSSL_1_1_0-pre4-7-ga717738) valgrind catches an illegal free:
==20314== Invalid free() / delete / delete[] / realloc()
==20314==at 0x4C2AE6
Hey
I've had this crash for a while with current openssl git master. It is
perfectly reproducable using curl test 313 and I have an openssl build here
with debug symbols so I can provide more info to help someone diagnose this,
just let me know.
The test case works fine with all previously rel
On Thu, 10 Dec 2015, Stephen Henson via RT wrote:
> You can retrieve the outer signature and algorithm using
> X509_get0_signature(). The inner form inside the to be signed portion can be
> obtained with X509_get0_tbs_sigalg(). See:
Thanks!
I also noticed I need X509_get0_extensions() for the
Hey,
In the curl project we're accessing the 'cert_info' to find the
'signature->algorithm' fields from the X509 and X509_CINF structs [*] and we
can't build with openssl git master or the 1.1.0-pre release.
How can we reach that info using a "proper" API?
Making all in lib
CC vtls/li
Hey
The man page for the function OPENSSL_load_builtin_modules() doesn't include
any details on how the memory it allocates is supposed to get freed by a user.
I assume CONF_modules_free() is the funtion to use for this purpose?
--
/ daniel.haxx.se
_
On Thu, 7 Aug 2014, Stephen Henson via RT wrote:
>> I would like OPENSSL_config() to not call exit.
>
> The whole point of OPENSSL_config() is that it is a minimal function that
> just tries to load configuration modules and is better than nothing if the
> application cannot include appropriate
Hi
As OpenSSL is a library, it should only ever use exit in the case of sever
problems and not just for "mere" run-time problems.
OPENSSL_config() is documented to be strongly recommended but yet it calls
exit(1) if it fails to parse the config file. I find it much too fragile and
makes it rea