On Thu, Dec 18, 2003 at 10:13:27AM +0000, Philip L Smith wrote: > >Changes between 0.9.6g and 0.9.6h [5 Dec 2002] > >... > > *) Bugfix: client side session caching did not work with external caching, > > because the session->cipher setting was not restored when reloading > > from the external cache. This problem was masked, when > > SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set. > > (Found by Steve Haslam <[EMAIL PROTECTED]>.) > > [Lutz Jaenicke] > > > >What version of OpenSSL are you using? > > > >Best regards, > > Lutz > > > > > I'm using OpenSSL 0.9.7b 10 Apr 2003, and also have the bug workarounds on > > // switch on bug workarounds > SSL_CTX_set_options(m_pSslV23Ctx,SSL_OP_ALL); > > Does this branch have the fixes in too ?
Yes. Actually, I do use client side session caching with an external storage myself in Postfix/TLS, so I _should_ have noted problems. > Anything else I need to check ? Can you analyze the session with ssldump? It should show whether the client application does actually offer reuse of the session with its session-ID. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]