Return-Path: Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: (qmail 48323 invoked from network); 5 Jul 2005 17:55:51 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 5 Jul 2005 17:55:51 -0000 Received: (qmail 41479 invoked by uid 500); 5 Jul 2005 17:55:45 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 41424 invoked by uid 500); 5 Jul 2005 17:55:45 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 41411 invoked by uid 99); 5 Jul 2005 17:55:45 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 05 Jul 2005 10:55:45 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [209.133.199.10] (HELO jimsys.jagunet.com) (209.133.199.10) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 05 Jul 2005 10:55:45 -0700 Received: from [127.0.0.1] (localhost [127.0.0.1]) by jimsys.jagunet.com (Postfix) with ESMTP id 06A995F06D4 for ; Tue, 5 Jul 2005 13:55:40 -0400 (EDT) Mime-Version: 1.0 (Apple Message framework v730) In-Reply-To: <42CAC65E.1050909@force-elite.com> References: <3891F9F6-A04B-44ED-BA3D-AD5EA3E97577@jaguNET.com> <42CAC65E.1050909@force-elite.com> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Jim Jagielski Subject: Re: [PATCH] Allow for internal OpenSSL Session Cache Date: Tue, 5 Jul 2005 13:55:40 -0400 To: dev@httpd.apache.org X-Mailer: Apple Mail (2.730) X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N On Jul 5, 2005, at 1:41 PM, Paul Querna wrote: > Jim Jagielski wrote: > > >> I've run into this with some "broken" browsers. Basically, they >> require a non-null SessionID in the SSL transaction. If, for whatever >> reason, we disable the external SSL Session Cache, these >> browsers reports errors when connecting to the SSL vhost. >> >> This adds a new argument to SSLSessionCache which says "disable any >> external session cache, but use OpenSSL's internal one" which makes >> OpenSSL send the SessionID parameter again. >> >> > > How about "internal" instead of "justinternal"? > Yeah, I'm not too happy with 'justinternal'... but a shared memory cache could be considered "internal"... How about "nonshared" or "openssl" or whatever :) > I assume this session cache is local to the SSL Context? > > Any browser which requires an SSL Session to work is quite broken. > Do you have a list of browsers that we could add to the documentation? Mostly seen in, no surprise, some MSIE browsers, as well as some Java HTTPS clients. I'll try to get the list.