Update information as a partial response to the post
From: "Chris D. Peterson" <cpeterson@aventail.com> Subject: Implementation Issues with OpenSSL To: openssl-users@openssl.org Date: Wed, 22 Aug 2001 16:13:17 -0700 The patch included in the original post may improve the internal session list handling (and is therefore worth a seperate investigation). No change to the list handling will however solve the problems of incorrect SSL_SESSION_free() calls. The session list is only one possible point of failure, dangling pointers would also occur for SSL object currently using the session. The correct solution is to only use SSL_SESSION_free() when applicable!
parent
67d0738a
Please register or sign in to comment