Hi,
I noticed that SSL_CTX_free() takes all the sessions in the given CTX's
internal session cache, and also removes them from the external session cache
(i.e., calls the delete-session callback).
Why was this done? I can't think of a security or a logical explanation to
this, because these
On Wed, Mar 26, 2003 at 08:25:10PM +0200, Nadav Har'El wrote:
I noticed that SSL_CTX_free() takes all the sessions in the given CTX's
internal session cache, and also removes them from the external session cache
(i.e., calls the delete-session callback).
[Analysis deleted.]
Obviously this
On Wed, Mar 26, 2003, Lutz Jaenicke wrote about Re: SSL_CTX_free messes with external
session cache:
Hmm. I extensively use external session caching. But I never call
SSL_CTX_free(), as my application will terminate in this moment anyway,
so this oddity went by unnoted...
This is the bane
Hi,
* Nadav Har'El ([EMAIL PROTECTED]) wrote:
Hi,
I noticed that SSL_CTX_free() takes all the sessions in the given CTX's
internal session cache, and also removes them from the external session cache
(i.e., calls the delete-session callback).
Why was this done? I can't think of a
On Wed, Mar 26, 2003, Geoff Thorpe wrote about Re: SSL_CTX_free messes with external
session cache:
IMHO, you're probably better off in the mean time disabling the internal
caching altogether and implement a coherent model entirely from the
external callbacks - this way the SSL_CTX_free
* Nadav Har'El ([EMAIL PROTECTED]) wrote:
The ideal thing for openssl would be to wait until we have a good
opportunity to well and truly ignore backwards compatibility and then
just uproot the entire caching interface and replace it with something
I understand that backward compatibility