httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <...@jaguNET.com>
Subject Re: [PATCH] Allow for internal OpenSSL Session Cache
Date Tue, 05 Jul 2005 17:55:40 GMT

On Jul 5, 2005, at 1:41 PM, Paul Querna wrote:

> Jim Jagielski wrote:
>
>
>> I've run into this with some "broken" browsers. Basically, they
>> require a non-null SessionID in the SSL transaction. If, for whatever
>> reason, we disable the external SSL Session Cache, these
>> browsers reports errors when connecting to the SSL vhost.
>>
>> This adds a new argument to SSLSessionCache which says "disable any
>> external session cache, but use OpenSSL's internal one" which makes
>> OpenSSL send the SessionID parameter again.
>>
>>
>
> How about "internal" instead of "justinternal"?
>

Yeah, I'm not too happy with 'justinternal'... but a shared memory cache
could be considered "internal"... How about "nonshared" or "openssl"
or whatever :)

> I assume this session cache is local to the SSL Context?
>
> Any browser which requires an SSL Session to work is quite broken.   
> Do you have a list of browsers that we could add to the documentation?

Mostly seen in, no surprise, some MSIE browsers, as well as some Java
HTTPS clients. I'll try to get the list.

Mime
View raw message