From fcbafa805f980748d19405b92f9b56840966d2a0 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Fri, 28 Jul 2006 19:34:31 +0000
Subject: Warnings on duplicates and overlaps?

svn path=/openssl/README; revision=111
---
 openssl/README | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'openssl')

diff --git a/openssl/README b/openssl/README
index 3cd9b629..c21feb57 100644
--- a/openssl/README
+++ b/openssl/README
@@ -1,4 +1,4 @@
-$Id$
+$Id$ -*- Text -*- 
 
 OpenSSL hacked to add support for the RFC 3779 X.509 v3 extensions.
 
@@ -218,3 +218,12 @@ Random reminders and notes to myself:
   necessary to use inet_ntop(), as we're mostly dealing with prefixes
   here and thus can probably get away with a simplified IPv6 printout
   routine that doesn't bother with "::" except at the end of a prefix.
+
+- Right now the library code silently merges duplicates and overlaps.
+  It might useful to emit warnings when we do this.  Merging all takes
+  place when we're whacking the extension into canonical form, so it
+  should be easy to do this; the only hard part is figuring out
+  whether the application wants it, and, if so, where the application
+  wants it sent.  This probably requires a global variable, either a
+  pointer to a BIO stream or a callback (probably the latter as it's
+  less likely to cause surprising results running multi-threaded).
-- 
cgit v1.2.3