Return-Path: Delivered-To: apmail-httpd-bugs-archive@www.apache.org Received: (qmail 9942 invoked from network); 19 May 2009 12:11:28 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 19 May 2009 12:11:28 -0000 Received: (qmail 29360 invoked by uid 500); 19 May 2009 12:11:28 -0000 Delivered-To: apmail-httpd-bugs-archive@httpd.apache.org Received: (qmail 29312 invoked by uid 500); 19 May 2009 12:11:28 -0000 Mailing-List: contact bugs-help@httpd.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: Reply-To: "Apache HTTPD Bugs Notification List" List-Id: Delivered-To: mailing list bugs@httpd.apache.org Received: (qmail 29300 invoked by uid 99); 19 May 2009 12:11:28 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 19 May 2009 12:11:28 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 19 May 2009 12:11:25 +0000 Received: by brutus.apache.org (Postfix, from userid 33) id 11B88234C046; Tue, 19 May 2009 05:11:04 -0700 (PDT) From: bugzilla@apache.org To: bugs@httpd.apache.org Subject: DO NOT REPLY [Bug 47055] SSLVerifyClient + Directory doesn't use cache sessions X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: newchanged X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Apache httpd-2 X-Bugzilla-Component: mod_ssl X-Bugzilla-Keywords: X-Bugzilla-Severity: critical X-Bugzilla-Who: mike.pechkin@gmail.com X-Bugzilla-Status: NEW X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: bugs@httpd.apache.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: In-Reply-To: References: Auto-Submitted: auto-generated Content-Type: text/plain; charset="UTF-8" MIME-Version: 1.0 Message-Id: <20090519121104.11B88234C046@brutus.apache.org> Date: Tue, 19 May 2009 05:11:04 -0700 (PDT) X-Virus-Checked: Checked by ClamAV on apache.org https://issues.apache.org/bugzilla/show_bug.cgi?id=47055 --- Comment #13 from Mike 2009-05-19 05:11:00 PST --- fix for wrong sid_ctx doesn't help. the core of the issue is here: if ((dc->nOptions & SSL_OPT_OPTRENEGOTIATE) && (verify_old == SSL_VERIFY_NONE) && ((peercert = SSL_get_peer_certificate(ssl)) != NULL)) { renegotiate_quick = TRUE; X509_free(peercert); } SSL_get_peer_certificate() returns NULL and renegotiate_quick doesn't set TRUE and apache doesn't do *quick* renegotiation and client auth. keep having fun... -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org For additional commands, e-mail: bugs-help@httpd.apache.org