> On Apr 1, 2019, at 10:01 AM, Jeremy Harris <jgh@xxxxxxxxxxx> wrote:
>
> Thanks for the explanation. Next, serialise/deseralise
> of the session is failing. Test code:
>
> {
> SSL_SESSION * ss = SSL_get_session(ssl);
>
> uschar * sess_asn1;
> int len;
>
> len = i2d_SSL_SESSION(ss, &sess_asn1);
This is incorrect use of the api. You need to provide a NULL
buffer, obtain the length, then call again, after allocating
a buffer of the requisite size. Here's an example from the
DANE code in Postfix (likely similar code already in Exim):
len = i2d_X509(cert, NULL);
buf2 = buf = (unsigned char *) mymalloc(len);
i2d_X509(cert, &buf2);
Note that i2d updates its second argument to point to the end of
the buffer just written, which supports append operations, but
means you also need a pointer to the original buffer, hence
the "buf2 = buf = ...". The serialized data is sandwiched
between "buf" (start) and "buf2" (end).
--
--
Viktor.
