At 14:52 11.04.2002 +0200, Lutz Jaenicke wrote: >On Thu, Apr 11, 2002 at 02:35:16PM +0200, "�ivind H. Danielsen" wrote: > > The following two ssl3 negotiations illustrate a problem I have > > been having with the local variable got_new_session in the > > (s3_srvr.c) SSL3_accept function: > >[analysis deleted] > >You do not state which version of openssl you are using. There was a bug >in 0.9.6c that was fixed in current snapshots (and therefore will be >fixed in 0.9.6d and 0.9.7): > *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of > ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag > variable as an indication that a ClientHello message has been > received. As the flag value will be lost between multiple > invocations of ssl3_accept when using non-blocking I/O, the > function may not be aware that a handshake has actually taken > place, thus preventing a new session from being added to the > session cache. > > To avoid this problem, we now set s->new_session to 2 instead of > using a local variable. > [Lutz Jaenicke, Bodo Moeller]
This matches my case exactly. I was using the latest release (0.9.6c). My problem is gone using the 2000-04-10 0.9.6 snapshot. Thanks for your quick response. Best Regards, - �ivind ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
