On 4/3/15 7:44 AM, Jan Urbański wrote:
> To reiterate: I recognise that not handling the callbacks is not the right
> answer. But not stomping on callbacks others might have set sounds like a
> minimal and safe improvement.
I think your patch is okay in that it is not a good idea to overwrite or
unset someone else's callbacks. But we shouldn't mistake that for
fixing the underlying problem. The only reason this patch appears to
fix the presented test cases is because other OpenSSL users are also
misbehaving and/or the OpenSSL interfaces are so stupid that they cannot
be worked with reasonably.