Return-Path: Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: (qmail 13136 invoked from network); 4 Nov 2009 12:34:06 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 4 Nov 2009 12:34:06 -0000 Received: (qmail 19502 invoked by uid 500); 4 Nov 2009 12:34:05 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 19396 invoked by uid 500); 4 Nov 2009 12:34:05 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 19387 invoked by uid 99); 4 Nov 2009 12:34:05 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Nov 2009 12:34:04 +0000 X-ASF-Spam-Status: No, hits=-2.5 required=5.0 tests=AWL,BAYES_00 X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of shenson@oss-institute.org designates 67.18.157.234 as permitted sender) Received: from [67.18.157.234] (HELO ns1.oss-institute.org) (67.18.157.234) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Nov 2009 12:34:02 +0000 Received: from drh-consultancy.demon.co.uk ([80.177.30.10] helo=[56.6.21.2]) by ns1.oss-institute.org with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from ) id 1N5f3T-00076L-NK for dev@httpd.apache.org; Wed, 04 Nov 2009 06:33:40 -0600 Message-ID: <4AF1749E.3000705@oss-institute.org> Date: Wed, 04 Nov 2009 12:33:34 +0000 From: Dr Stephen Henson User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 To: dev@httpd.apache.org Subject: Re: [PATCH] mod_ssl: improving session caching for SNI configurations References: <4AF14AEC.6060500@velox.ch> In-Reply-To: <4AF14AEC.6060500@velox.ch> X-Enigmail-Version: 0.96.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - ns1.oss-institute.org X-AntiAbuse: Original Domain - httpd.apache.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - oss-institute.org X-Source: X-Source-Args: X-Source-Dir: Kaspar Brand wrote: > Kamesh Jayachandran wrote: >> Reasonable fix for this on the server side is to apply SSL_OP_NO_TICKET >> patch and enable SSLSessionCache. > > There is actually another reason why disabling TLS session tickets makes > sense at the present time: with OpenSSL's current stable version > (0.9.8k), session tickets only work properly for the first/default > vhost. For all other vhosts, mod_ssl will fail to decrypt a > previously-generated ticket, due to the order in which OpenSSL currently > deals with the SNI and ticket extensions (and their callbacks). The > consequence is that with 2.2.x and an SNI configuration, session caching > for clients supporting TLS tickets is not working for all but the first > vhost. > The current OpenSSL (unreleased) stable code uses ticket keys from the initial ctx and not the current one. This makes session resumption with tickets and SNI work again because they all use the same keys. The equivalent can be done with previous versions of OpenSSL by generating the three ticket related keys and initializing the same ones in all SSL_CTX structures. The function macro SSL_CTX_set_tlsext_ticket_keys can be used to do this. > > 1) When configuring a new SSL context (in > ssl_engine_init.c:ssl_init_ctx_tls_extensions), it disables session > ticket support if a server-side session cache is configured. Enabling > both session tickets and a cache for stateful resumption at the same > time doesn't make that much sense anyway, IMO. This change will also > solve the issue with OpenSSL clients (as reported by Kamesh), provided > that a server-side cache is configured. > I suppose if some clients support tickets and others do not then enabling both makes sense. You'd get improved performance for the equivalent cache size because ticket supporting clients would do their own caching and non-ticket clients would use normal stateful session resumption. Though as you note older versions of OpenSSL will be in use for quite a while after 0.9.8l is released. Note this should all be fixed in current unreleased OpenSSL (which will be 0.9.8l) but it needs client side as well as server side changes. Steve. -- Dr Stephen N. Henson. Senior Technical/Cryptography Advisor, Open Source Software Institute: www.oss-institute.org OpenSSL Core team: www.openssl.org