httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <rainer.j...@kippdata.de>
Subject Re: ssl renegotiate
Date Tue, 09 Feb 2016 20:47:06 GMT
Am 09.02.2016 um 20:03 schrieb Stefan Eissing:
>
>> Am 09.02.2016 um 19:58 schrieb Rainer Jung <rainer.jung@kippdata.de>:
>>
>> Am 09.02.2016 um 19:20 schrieb Stefan Eissing:
>>> Ah, closer look revealed that the first test was a cipher renegotiation using
HTTP/1.1. That no longer works, but the slave connection checks do. So, false alarm on that
front. Will disable the renegotiation tests that fail for now until the 1.1.0 openssl work
is done...
>>>
>>> Sorry for the confusion.
>>>
>>>> Am 09.02.2016 um 19:11 schrieb Stefan Eissing <stefan.eissing@greenbytes.de>:
>>>>
>>>> With the new renegotiate code, I get failures in trunk for my tests that
expect renegotiation to fail on slave connections. Rainer, not sure how this works now. Can
you have a look?
>>
>> No problem, thanks for doing tests as well. Yes, the cipher change reneg is still
expected to fail (only when using OpenSSL 1.1.0).
>
> Was using OpenSSL 1.0.2 in my tests...

That's strange then, because I didn't (intentionally) change the 
behavior for pre 1.1.0. Instead I tried to keep the code the same in 
that case and postpone any cleanups (let pre-1.1.0 use the same code as 
1.1.0) to the time 1.1.0 runs fine.

So could it be something else? Is it a test case which is part of the 
test suite? If yes, which one? Which version (trunk or 2.4) did you 
test. I would try to reproduce here.

Regards,

Rainer


Mime
View raw message