On Thu, Mar 25, 2004 at 03:28:38PM -0800, Mathihalli, Madhusudan wrote: > Hello, > Apart from flagging OpenSSL to NOT lookup the internal cache for > session-id's, we should ALSO tell OpenSSL to NOT store the > sessions ! This fixes my problem where the httpd process size > keeps increasing when SSLVerifyClient is enabled along with > SSLSessionCache.
Nice! So this is the fix for #26562? Don't forget to update the comment before you commit, and it looks like this is a new flag since OpenSSL 0.9.6h so should use a compatibility ifdef: #ifndef SSL_SESS_CACHE_NO_INTERNAL #define SSL_SESS_CACHE_NO_INTERNAL SSL_SESS_CACHE_NO_INTERNAL_LOOKUP #endif > --- ssl_engine_init.c 5 Mar 2004 02:44:40 -0000 1.126 > +++ ssl_engine_init.c 25 Mar 2004 23:27:02 -0000 > @@ -450,7 +450,7 @@ > * to ignore process local-caching and > * to always get/set/delete sessions using mod_ssl's callbacks. > */ > - cache_mode = SSL_SESS_CACHE_SERVER|SSL_SESS_CACHE_NO_INTERNAL_LOOKUP; > + cache_mode = SSL_SESS_CACHE_SERVER|SSL_SESS_CACHE_NO_INTERNAL; > } > > SSL_CTX_set_session_cache_mode(ctx, cache_mode);