Hi, I am migrating my application from 0.9.8g to 1.0.1e and using an external session cache for ssl session renegotiation.
I notice slight performance degradation when running 1.0.1e When i debug using ssldumo here is what i observe: *0.9.8g* New TCP connection #6: localhost.localdomain(59162) <-> localhost.localdomain(12346) 6 1 0.0000 (0.0000) C>SV3.1(81) Handshake ClientHello Version 3.1 random[32]= 52 d8 8a 50 53 9a 04 32 dc 38 89 93 b1 ea b2 bb 50 71 08 a4 02 44 6f 8e 12 fc cb 75 0a 64 cc b0 resume [32]= cf b7 4b 45 69 a1 72 7d cc 0f 0d 84 9d e7 c2 3d c0 e3 d8 70 06 80 02 71 71 16 9a bf da 99 2a 2d cipher suites TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA compression methods NULL 6 2 0.0011 (0.0010) S>CV3.1(74) Handshake ServerHello Version 3.1 random[32]= 52 d8 8a 50 22 5b 5c db 99 15 8f 57 3a 9c 3b 9d c3 bd 9b 9b a8 3f 7d 66 a3 fd a1 4e 2f 2e 3c a6 session_id[32]= cf b7 4b 45 69 a1 72 7d cc 0f 0d 84 9d e7 c2 3d c0 e3 d8 70 06 80 02 71 71 16 9a bf da 99 2a 2d cipherSuite TLS_RSA_WITH_AES_256_CBC_SHA compressionMethod NULL 6 3 0.0011 (0.0000) S>CV3.1(1) ChangeCipherSpec 6 4 0.0011 (0.0000) S>CV3.1(40) Handshake 6 5 0.0013 (0.0001) C>SV3.1(1) ChangeCipherSpec 6 6 0.0013 (0.0000) C>SV3.1(40) Handshake 6 7 0.0014 (0.0001) C>SV3.1(24) application_data 6 8 0.0014 (0.0000) C>SV3.1(960) application_data 6 9 0.0045 (0.0031) S>CV3.1(24) application_data 6 10 0.0045 (0.0000) S>CV3.1(640) application_data 6 11 0.0062 (0.0016) C>SV3.1(24) Alert 6 12 0.0063 (0.0000) S>CV3.1(24) Alert 6 0.0064 (0.0001) C>S TCP RST *1.0.1e* New TCP connection #7: localhost.localdomain(59171) <-> localhost.localdomain(12346) 7 1 0.0000 (0.0000) C>SV3.1(94) Handshake ClientHello Version 3.1 random[32]= 52 d8 8a a9 cf 2d eb 75 51 44 f8 3e 6a 55 03 4f 5d a8 99 3e 4e ca 14 da a8 ea a0 8e 3c f0 45 48 resume [32]= cf b7 4b 45 69 a1 72 7d cc 0f 0d 84 9d e7 c2 3d c0 e3 d8 70 06 80 02 71 71 16 9a bf da 99 2a 2d cipher suites TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA Unknown value 0xff compression methods NULL 7 2 0.0017 (0.0016) S>CV3.1(90) Handshake ServerHello Version 3.1 random[32]= 52 d8 8a a9 b1 12 c9 db cc 61 cf fb e5 34 b5 4b c3 54 2a f7 19 9b b9 03 e8 65 36 70 c0 a0 fc 66 session_id[32]= cf b7 4b 45 69 a1 72 7d cc 0f 0d 84 9d e7 c2 3d c0 e3 d8 70 06 80 02 71 71 16 9a bf da 99 2a 2d cipherSuite TLS_RSA_WITH_AES_256_CBC_SHA compressionMethod NULL *7 3 0.0017 (0.0000) S>CV3.1(1178) Handshake* * TLS_RSA_WITH_RC4_128_MD5* 7 4 0.0017 (0.0000) S>CV3.1(1) ChangeCipherSpec 7 5 0.0017 (0.0000) S>CV3.1(40) Handshake 7 6 0.0019 (0.0002) C>SV3.1(1) ChangeCipherSpec 7 7 0.0019 (0.0000) C>SV3.1(40) Handshake 7 8 0.0021 (0.0001) C>SV3.1(24) application_data 7 9 0.0021 (0.0000) C>SV3.1(960) application_data 7 10 0.0052 (0.0030) S>CV3.1(24) application_data 7 11 0.0052 (0.0000) S>CV3.1(640) application_data 7 12 0.0069 (0.0017) C>SV3.1(24) Alert 7 13 0.0070 (0.0000) S>CV3.1(24) Alert 7 0.0071 (0.0000) C>S TCP RST I am wondering why ssldump is printing an extra handshake message with the cipher which i have not enabled in my code. Any pointers on what could be going on here? -- Rohit Bansal