https://bz.apache.org/bugzilla/show_bug.cgi?id=64437
--- Comment #7 from Armin Abfalterer <[email protected]> --- I applied the patch to 2.4.43. Now, I get status 200 and there is no error in the error_log. However, the network dumps still look different when requesting the URI directly or when mod_proxy is involved. I don't attach new dumps as the look the same as the ones already attached. That there is still a difference in behavior can be shown by staring s_server with the -msg option, e.g. like following openssl s_server -port 10016 -www -tls1_2 -cert sserver.pem -msg | grep -E "TLS 1.|reneg" The output when requesting the URI /reneg directly from s_server looks following <<< TLS 1.3, Handshake [length 0200], ClientHello >>> TLS 1.2, Handshake [length 0041], ServerHello >>> TLS 1.2, Handshake [length 0412], Certificate >>> TLS 1.2, Handshake [length 012c], ServerKeyExchange >>> TLS 1.2, Handshake [length 0004], ServerHelloDone <<< TLS 1.2, Handshake [length 0025], ClientKeyExchange <<< TLS 1.2, Handshake [length 0010], Finished >>> TLS 1.2, Handshake [length 00aa], NewSessionTicket >>> TLS 1.2, ChangeCipherSpec [length 0001] >>> TLS 1.2, Handshake [length 0010], Finished SSL_renegotiate -> 1 >>> TLS 1.2, Handshake [length 0004], HelloRequest <<< TLS 1.3, Handshake [length 0200], ClientHello >>> TLS 1.2, Handshake [length 0041], ServerHello >>> TLS 1.2, Handshake [length 0412], Certificate >>> TLS 1.2, Handshake [length 012c], ServerKeyExchange >>> TLS 1.2, Handshake [length 0004], ServerHelloDone <<< TLS 1.2, Handshake [length 0025], ClientKeyExchange <<< TLS 1.2, Handshake [length 0010], Finished >>> TLS 1.2, Handshake [length 00aa], NewSessionTicket >>> TLS 1.2, ChangeCipherSpec [length 0001] >>> TLS 1.2, Handshake [length 0010], Finished When mod_proxy is involved, the output of s_server looks following <<< TLS 1.3, Handshake [length 0200], ClientHello >>> TLS 1.2, Handshake [length 0041], ServerHello >>> TLS 1.2, Handshake [length 0412], Certificate >>> TLS 1.2, Handshake [length 012c], ServerKeyExchange >>> TLS 1.2, Handshake [length 0004], ServerHelloDone <<< TLS 1.2, Handshake [length 0025], ClientKeyExchange <<< TLS 1.2, Handshake [length 0010], Finished >>> TLS 1.2, Handshake [length 00aa], NewSessionTicket >>> TLS 1.2, ChangeCipherSpec [length 0001] >>> TLS 1.2, Handshake [length 0010], Finished SSL_renegotiate -> 1 >>> TLS 1.2, Handshake [length 0004], HelloRequest In the later case it looks like as renegotiation is not finished correctly. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
