Looks like the problem is already known
as 0.9.7 is not released yet can anyone send me this fixed s3_svr.c ?
thanks
Changes between 0.9.6 and 0.9.7 [xx XXX 2002]
.........
*) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of
ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag
variable as an indication that a ClientHello message has been
received. As the flag value will be lost between multiple
invocations of ssl3_accept when using non-blocking I/O, the
function may not be aware that a handshake has actually taken
place, thus preventing a new session from being added to the
session cache.
To avoid this problem, we now set s->new_session to 2 instead of
using a local variable.
[Lutz Jaenicke, Bodo Moeller]
-----Original Message-----
From: Craig Hellon [mailto:[EMAIL PROTECTED]]
Sent: 18 February 2002 13:20
To: Openssl-Dev (E-mail)
Subject: session reuse in 0.9.6c
I have found a problem reusing session ids at the server side.
The problem arose when I moved from 0.9.5a (non engine) to 0.9.6c (engine).
I have found that by placing the s3_srvr.c code from 0.9.5a into the 0.9.6c
build the session reuse works again.
Not familiar enough with the code to understand what is wrong, is this a
known issue ?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
