httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 64124] New: TLS1.3 sessions not resumable after graceful restart
Date Fri, 07 Feb 2020 10:10:18 GMT

            Bug ID: 64124
           Summary: TLS1.3 sessions not resumable after graceful restart
           Product: Apache httpd-2
           Version: 2.4.39
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_ssl
  Target Milestone: ---

TLSv1.3 session are lost after a graceful restart, which isn't the case with

Steps to reproduce:
- Configure shared-memory session cache:
    SSLSessionCache shmcb:/path/to/datafile[(size)] 

- connect with openssl s_client with the -sess_out <file> parameter so that we
get a session file.

- gracefully restart apache

- connect again with openssl s_client, this time with the -sess_in <file>
parameter so we use that session from before.

- see the full-handshake happening...

now to see the difference just do the same steps but don't gracefully restart

i have had a look in the sources at ssl_scache.c and the killing respectively
the re-initialization of the cache is skipped correctly:

at the top of ssl_scache_init: 
    if (ap_is_graceful()) {
        return APR_SUCCESS;

and also at the beginning of ssl_scache_kill:
    if (mc->sesscache && !ap_is_graceful()) {
        mc->sesscache->destroy(mc->sesscache_context, s);

but still something must be wrong because the graceful obviously somehow
destroys the session...

for more details also see my question on stackoverflow:

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message