httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dr Stephen Henson <>
Subject Re: Strange error(parse tlsext bug) in mod_ssl since httpd-2.2.12
Date Fri, 30 Oct 2009 17:46:24 GMT
Kamesh Jayachandran wrote:
>>Do you have session caching disabled in the server configuration, either
>>accidentally or deliberately? That seems to me to be the only thing
> that fits
>>the tcpdump you sent.
>>If so please turn session caching on and try the SSL_OP_NO_TICKET patch
> again.
> I am away from the test setup. Should be able to do this only on coming
> Monday.

OK, will be interested to know if that works.

Based on my analysis the latest snapshots of OpenSSL should fix this properly
but that is a client side fix.

Server side disabling tickets and making sure the session cache is enabled
should be a usable workaround.

Dr Stephen N. Henson. Senior Technical/Cryptography Advisor,
Open Source Software Institute:
OpenSSL Core team:

View raw message