httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dr Stephen Henson <shen...@oss-institute.org>
Subject Re: Strange error(parse tlsext bug) in mod_ssl since httpd-2.2.12
Date Wed, 28 Oct 2009 17:23:49 GMT
Kamesh Jayachandran wrote:
> 
>>That is most peculiar. The server is sending back a zero length session
> ID in
>>the server hello which it shouldn't be doing if tickets are disabled.
> 
>>Is the server somehow using an older version of OpenSSL? There has been
> a bug >in
>>the past which might do that but it was fixed well before 0.9.8k.
> 
> Server uses openssl-0.9.8k.
> 

Do you have session caching disabled in the server configuration, either
accidentally or deliberately? That seems to me to be the only thing that fits
the tcpdump you sent.

If so please turn session caching on and try the SSL_OP_NO_TICKET patch again.

Steve.
-- 
Dr Stephen N. Henson. Senior Technical/Cryptography Advisor,
Open Source Software Institute: www.oss-institute.org
OpenSSL Core team: www.openssl.org

Mime
View raw message