On Jan 3, 2008 12:21 PM, Nelson Bolyard <[EMAIL PROTECTED]> wrote: > Wan-Teh Chang wrote, On 2008-01-02 18:10: > > > On return, > > you need to check that SSL_GetChannelInfo returned SECSuccess > > and that the length field is <= sizeof(SSLChannelInfo) (the size of > > SSLChannelInfo when you compiled your code) before you can use > > the value of any other field. > > Why do you say that? I don't believe there's any need to check > that the returned length field value is <= the caller's expected size.
Because this function is not documented, I used the source code and the selfserv, strsclnt, and tstclnt test programs to determine how it should be used. The three test programs all check that the returned length field value is equal to the caller's expected size, so I thought it is necessary to check for equality or <=. I only spent a few minutes looking at the source code, so I could certainly misunderstand the code. Wan-Teh _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
