httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 44072] New: - SSL_SESSION_ID change and "SSLSessionCacheTimeout" don't help
Date Thu, 13 Dec 2007 14:02:16 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=44072>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=44072

           Summary: SSL_SESSION_ID change and "SSLSessionCacheTimeout" don't
                    help
           Product: Apache httpd-2
           Version: 2.2.6
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: blocker
          Priority: P1
         Component: All
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: alcol@hotmail.com


SSLSessionCache         dbm:/usr/local/apache2/logs/ssl_scache
SSLSessionCacheTimeout  360

Don't help to pass to 3600 or something else. Inside 60 seconds the 
$SSL_SESSION_ID enviroment change is reinitialized.

How to have a random unique ID for each client that opened a session in Keep-
Alive and don't close the IP sockets?

I need a session id, ya I can store it inside a database of mine but is more 
sure to check what is in the user browser cookies, inside the recorded (file) 
session, inside Apache session (SSL_SESSION_ID) enviroment variable.

Why it change, why it ahange not respecting SSLSessionCacheTimeout
What to do to have an unique and not time related SESSION ID? inside SSL or 
not SSL

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message