httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 44961] SSL session resumption does not properly work with openssl > 0.9.8f
Date Thu, 14 Jul 2011 20:11:12 GMT

strodgers <> changed:

           What    |Removed                     |Added
                 CC|                            |

--- Comment #1 from strodgers <> 2011-07-14 20:11:12 UTC ---
Is there anything that can be done to help get this some more attention?  The
way HTTPD is currently assigning SSL session contexts during full renegotiation
truly does appear to be broken.  This is preventing +OptRenegotiate (quick
renegotiation) from working as designed and documented.  The customer base I
support uses hardware-based client certificates which are noticeably slow when
HTTPD forces full renegotiations for each object because of this bug.  There
are workarounds that help, but this is an actual problem and a documented
feature that is broken.

I started at bug #47055, and landed here.  I’ve applied each suggested patch
along the way and this bug report explanation and patch seems to be the most
elegant.  I’d be delighted to assist with testing in order to get an official
fix signed off and committed.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message