On Thu, Dec 18, 2003 at 10:13:27AM +0000, Philip L Smith wrote:
> >Changes between 0.9.6g and 0.9.6h [5 Dec 2002]
> >...
> > *) Bugfix: client side session caching did not work with external caching,
> > because the session->cipher setting was not restored when reloading
> > from the external cache. This problem was masked, when
> > SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set.
> > (Found by Steve Haslam <[EMAIL PROTECTED]>.)
> > [Lutz Jaenicke]
> >
> >What version of OpenSSL are you using?
> >
> >Best regards,
> > Lutz
> >
> >
> I'm using OpenSSL 0.9.7b 10 Apr 2003, and also have the bug workarounds on
>
> // switch on bug workarounds
> SSL_CTX_set_options(m_pSslV23Ctx,SSL_OP_ALL);
>
> Does this branch have the fixes in too ?
Yes. Actually, I do use client side session caching with an external
storage myself in Postfix/TLS, so I _should_ have noted problems.
> Anything else I need to check ?
Can you analyze the session with ssldump? It should show whether
the client application does actually offer reuse of the session with
its session-ID.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
