[sean.cunning...@mandiant.com - Tue Jun 30 02:22:28 2009]:
Currently OpenSSL always uses the values in client hello and server
hello to negotiate compression even for a resumed session. So provided
the client includes the compression method from the original method in
client hello (as
...@mandiant.com
www.mandiant.com
From: Stephen Henson via RT [...@openssl.org]
Sent: Tuesday, June 30, 2009 7:05 AM
To: Sean Cunningham
Cc: openssl-dev@openssl.org
Subject: [openssl.org #1960] i2d_SSL_SESSION/d2i_SSL_SESSION does not persist
session
[sean.cunning...@mandiant.com - Tue Jun 30 17:06:26 2009]:
Can you find a way to reproduce this behaviour with s_client/s_server
or
does it only happen with external session caches?
I took a look at s_server. It uses openssl's default session cache,
which does not flatten the
: [openssl.org #1960] i2d_SSL_SESSION/d2i_SSL_SESSION does not persist
session compress_meth
[sean.cunning...@mandiant.com - Thu Jun 25 08:23:49 2009]:
This bug is not platform specific.
Some proxies, such as nginx, implement custom session caches via the
openssl callback API's
[sean.cunning...@mandiant.com - Thu Jun 25 08:23:49 2009]:
This bug is not platform specific.
Some proxies, such as nginx, implement custom session caches via the
openssl callback API's. This implementation makes use of the
i2d_SSL_SESSION API to copy the session into a