Return-Path: X-Original-To: apmail-httpd-dev-archive@www.apache.org Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 9401998F3 for ; Tue, 17 Jan 2012 19:26:23 +0000 (UTC) Received: (qmail 27143 invoked by uid 500); 17 Jan 2012 19:26:22 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 27089 invoked by uid 500); 17 Jan 2012 19:26:21 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 27081 invoked by uid 99); 17 Jan 2012 19:26:21 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 17 Jan 2012 19:26:21 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of info@apachelounge.com designates 85.223.52.177 as permitted sender) Received: from [85.223.52.177] (HELO land10web.com) (85.223.52.177) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 17 Jan 2012 19:26:16 +0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=apachelounge.com; h=Subject:From:Date; b=IpaLCOXnqFS4EufwwcuQe8wW9l9BGgFroTrpXZjJLI4hE+DrbdEOF+wb4oe0kelcF+6xJ1cqRPkuM6eQzs49wolRVZzBWkXHDytRKoKGJ7KTMCA0L615Tz+Fmnn2HOIv; X-Default-Received-SPF: pass (skip=forwardok (res=PASS)) x-ip-name=84.241.222.218; Received: from [10.188.100.6] (unverified [84.241.222.218]) by land10web.com (SurgeMail 5.3i) with ESMTP (TLS) id 9790-1382150 for ; Tue, 17 Jan 2012 20:25:40 +0100 Subject: Re: SSL and windows with AcceptFilter https none References: <4F1595B9.50502@primary.net> From: Steffen Content-Type: text/plain; charset=us-ascii X-Mailer: iPhone Mail (9A405) In-Reply-To: <4F1595B9.50502@primary.net> Message-Id: <32B53C9C-C0C1-4D2A-AFB3-E582767D069A@apachelounge.com> Date: Tue, 17 Jan 2012 19:25:36 +0000 To: "dev@httpd.apache.org" Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (1.0) It is line with our reports. Thanks, and this confirms again there is some b= roken serious.=20 For me a showstopper 2.4, tons of win users going to deal with this.=20 Work around is to use 2.2.21 SSL-only and minimal config in front of 2.4.=20= Op 17 jan. 2012 om 15:37 heeft Daniel Ruggeri het vol= gende geschreven: > All; > I have submitted PR 52476 to track and document this bug. I've > uploaded the logs from my tests where I was able to duplicate the problem.= > http://people.apache.org/~druggeri/logs/WinSSL/ >=20 > Initially I was just setting up my testbed and hitting 127.0.0.1 to > make sure the small LWP script can duplicate the problem and help track > it down... it was trival to reproduce the bug on this Winsows 7 x64 > installation. Since I was able to reproduce quickly, I never got past > testing on local IP's, though this should suffice since it's technically > running through the TCP stack just as well. >=20 > I was able to reproduce inconsistently in Firefox 8.0.1 and IE 8 > after enabling AcceptFilter https none. I was able to consistently > reproduce the error with openssl-based clients (LWP and openssl > s_client). The common error across all clients is a complaint with the > ClientHello message. I was not able to find a failure where partial > content was served - it was all or nothing for me at an SSL connection > level. >=20 > I don't have the expertise to dig into this one, but since several > folks have been unable to reproduce the problem, I'll be happy to serve > as a testing ground. >=20 > --=20 > Daniel Ruggeri >=20