* Nadav Har'El ([EMAIL PROTECTED]) wrote:
> > The ideal thing for openssl would be to wait until we have a good
> > opportunity to well and truly ignore backwards compatibility and then
> > just uproot the entire caching interface and replace it with something
>
> I understand that backward compat
On Wed, Mar 26, 2003, Geoff Thorpe wrote about "Re: SSL_CTX_free messes with external
session cache":
> IMHO, you're probably better off in the mean time disabling the internal
> caching altogether and implement a coherent model entirely from the
> external callbacks - t
Hi,
* Nadav Har'El ([EMAIL PROTECTED]) wrote:
> Hi,
>
> I noticed that SSL_CTX_free() takes all the sessions in the given CTX's
> internal session cache, and also removes them from the external session cache
> (i.e., calls the delete-session callback).
>
> Why was this done? I can't think of a s
On Wed, Mar 26, 2003, Lutz Jaenicke wrote about "Re: SSL_CTX_free messes with external
session cache":
> Hmm. I extensively use external session caching. But I never call
> SSL_CTX_free(), as my application will terminate in this moment anyway,
> so this oddity went by unno
On Wed, Mar 26, 2003 at 08:25:10PM +0200, Nadav Har'El wrote:
> I noticed that SSL_CTX_free() takes all the sessions in the given CTX's
> internal session cache, and also removes them from the external session cache
> (i.e., calls the delete-session callback).
[Analysis deleted.]
Obviously this b
Hi,
I noticed that SSL_CTX_free() takes all the sessions in the given CTX's
internal session cache, and also removes them from the external session cache
(i.e., calls the delete-session callback).
Why was this done? I can't think of a security or a logical explanation to
this, because these sessi
