On Wed, Mar 26, 2003, Geoff Thorpe wrote about "Re: SSL_CTX_free messes with external 
session cache":
> IMHO, you're probably better off in the mean time disabling the internal
> caching altogether and implement a coherent model entirely from the
> external callbacks - this way the SSL_CTX_free() behaviour won't matter

This is very true. In fact, I designed the application in question from the
start to use only the external cache (if you remember, I was the one who asked
to add the NO_INTERNAL flag - NO_INTERNAL_LOOKUP will still leave me with
a big internal session cache).
But for several silly and embarrassing reasons, I need to have both an
internal and external session cache for now. :(

The extra
        SSL_CTX_sess_set_remove_cb(ctx, NULL);
before SSL_CTX_free(ctx) fixes the problem I reported, so it's not a
real problem for me, it simply surprised me. 

> The ideal thing for openssl would be to wait until we have a good
> opportunity to well and truly ignore backwards compatibility and then
> just uproot the entire caching interface and replace it with something

I understand that backward compatibility is important, if people rely on
the current behaviour. In this case, I suggest that the manual pages (in this
case, of SSL_CTX_free()) be updated to explain what actually happens, and 
perhaps how to get the other behaviour. Nobody can complain about this if
it is explained in the manual :)

-- 
Nadav Har'El                        |  Wednesday, Mar 26 2003, 23 Adar II 5763
[EMAIL PROTECTED]             |-----------------------------------------
Phone: +972-53-245868, ICQ 13349191 |The human mind is like a parachute - it
http://nadav.harel.org.il           |functions better when it is open.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
