AcornSSL
Colin (478) 2433 posts |
To save me wrestling with git if I don’t have to, does anyone have any problems with this modification to AcornSSL_CreateSession. I’ve added the CreateSession_NewReuseAuth reason code.
|
Martin Avison (27) 1494 posts |
Looks ok to me … from my very limited understanding. |
Colin (478) 2433 posts |
To the right of the names. |
Dave Higton (1515) 3525 posts |
So, rather than enlist the app’s help in storing the extension data, you’re doing it all in the module? I’m not saying it’s a problem, but the module has to deal with expiry and memory management. |
Colin (478) 2433 posts |
There is no storing of extra data. Here’s the diff file. It all happens in c.api instead of setting up a new authenticated session the session is just copied from one session to the new one. |
Dave Higton (1515) 3525 posts |
Colin, where did you get the AcornSSL code from, and when did you get it? I’ve been in a somewhat embarrassing discussion in csan about your module, and “version hell”, where it has been pointed out that you’re using mbedTLS two versions out of date and with (at least) two published vulnerabilities. |
Colin (478) 2433 posts |
It won’t be AcornSSL that is the latest version. MbedTLS may well be out of date – I’ve just looked and it’s dated 21 Sep 19 – as I slotted AcornSSL into a Disc download I already had in order for AcornSSL to access its dependencies. The module I distributed was only to test if it worked it wasn’t an official distribution. Are you desperate for a version with the latest MbedTLS I have submitted the change to ROOL so hopefully they will produce a new version. |
Steve Fryatt (216) 2105 posts |
Would it not just be easier all around to let the merge request go through and a new AcornSSL version fall out of the nightly build system? |
Colin Ferris (399) 1814 posts |
Wouldn’t it be useful to include a bit of info text at the beginning/end of the module that could be read in a text editor |
Steve Pampling (1551) 8170 posts |
I’m going to assume that none of the contributors to the criticism were part of the ROOL “management” – that would involve stones and glass houses etc. Besides, I saw the merge in the git updates alongside stuff from Sprow and I’m sure he’d be commenting if something was amiss. I’m with Colin on this. I’d say that when working on test code the base code can be out of date within the time you’re working simply because there are other people working on other aspects. |
Colin (478) 2433 posts |
Ok I’ve updated the FTPc1.55b distribution above with an up to date MbedTLS. I had updated the date on the module so you could tell it has changed but this time I’ve added ReuseAuth.1 to the help string. |