DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21290>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21290 Progressive failure of MAC Message Decoding in HTTPS handler (lib(20):ssl func(143):reason(1109)) [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From [EMAIL PROTECTED] 2003-07-09 19:21 ------- Yet more information. It turns out the "RSA Blinding" patch for openssl is the culprit. It isn't threadsafe, and while this works for apache w/prefork, worker, being multithreaded, will display this issue under load. As a point of note, Red Hat 7-9 incorporate this patch. This means the worker mpm (or any other threaded mpm) WILL FAIL UNDER LOAD at this point. This is true of anyone else using the RSA Blinding patch from Bugtraq. I'm closing this bug as INVALID since the bug isn't with apache. However, I think this is something that should be noted somewhere, since this has the potential to affect virtually anoyone using SSL, apache 2, and the worker MPM. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
