[xmlsec] more error handling concerns

Moultrie, Ferrell (ISSAtlanta) FMoultrie at iss.net
Thu Sep 5 11:58:52 PDT 2002

I'm using the latest released version, 0.9.6g. We looked at the 0.9.7
version but it was still in testing and that seemed like not such a good
plan for us right now given the relative stability of the 0.9.6 release
series. Just setting breakpoints in OpenSSL on the push and clear
methods, it looks like it's not an uncommon coding practice so I'd guess
it's not going to be trivial for them to change.

-----Original Message-----
From: Aleksey Sanin [mailto:aleksey at aleksey.com] 
Sent: Thursday, September 05, 2002 1:02 PM
To: Moultrie, Ferrell (ISSAtlanta)
Cc: xmlsec at aleksey.com
Subject: Re: [xmlsec] more error handling concerns

Which OpenSSL version do you use? Probably it's worth to inform
OpenSSL guys about this.


Moultrie, Ferrell (ISSAtlanta) wrote:

>  One difficulty I'm having with the new error handler and using the
>OpenSSL error stack is that the OpenSSL crypto library frequently uses
>the error stack to capture "expected" errors. When one of those occurs,
>it calls ERR_clear() which removes not only the OpenSSL error info but
>any previously stored xmlsec errors -- which I haven't even had a
>to see yet! The only option appears to be to override the default
>error callback -- but that gets us back to needing thread local storage
>in the application, etc. Sigh.
>Ferrell Moultrie (ferrell at iss.net)
>Software Engineer
>Internet Security Systems, Inc.
>6303 Barfield Road
>Atlanta, Georgia 30328
>Phone:  404-236-2600
>Direct: 404-236-2849
>Fax:    404-236-2632
>Internet Security Systems -- The Power to Protect
>xmlsec mailing list
>xmlsec at aleksey.com

More information about the xmlsec mailing list