https://bugs.exim.org/show_bug.cgi?id=2255

Git Commit <g...@exim.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |g...@exim.org

--- Comment #27 from Git Commit <g...@exim.org> ---
Git commit:
https://git.exim.org/exim.git/commitdiff/a28050f855e0011e0b6f1b395d65e3cebcb277a2

commit a28050f855e0011e0b6f1b395d65e3cebcb277a2
Author:     Jeremy Harris <jgh146...@wizmail.org>
AuthorDate: Sun Apr 8 22:45:39 2018 +0100
Commit:     Jeremy Harris <jgh146...@wizmail.org>
CommitDate: Sun Apr 8 22:50:49 2018 +0100

    OpenSSL: Revert the disabling of the session-cache.  Bug 2255

    Session cacheing is never useful, as we use a new context for every TLS
startup.
    However, removing the support triggers odd behaviour from Outlook Express
(only
    when there is an IMAP server on the same machine as Exim): an initial
connect
    from the OE client fails, the immediate retry works.
---
 doc/doc-txt/ChangeLog |  3 +++
 src/src/tls-openssl.c | 10 ++++++++--
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 903840a..5e9d2af 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -200,6 +200,9 @@ JH/36 Fix reinitialisation of DKIM logging variable between
messages.
       Previously it was possible to log spurious information in receive log
       lines.

+JH/37 Bug 2255: Revert the disable of the OpenSSL session caching.  This
+      triggered odd behaviour from Outlook Express clients.
+

 Exim version 4.90
 -----------------
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index c142bd0..bfdfe21 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -1601,9 +1601,15 @@ if (init_options)
 else
   DEBUG(D_tls) debug_printf("no SSL CTX options to set\n");

-/* Disable session cache unconditionally */
-
+/* We'd like to disable session cache unconditionally, but foolish Outlook
+Express clients then give up the first TLS connection and make a second one
+(which works).  Only when there is an IMAP service on the same machine.
+Presumably OE is trying to use the cache for A on B.  Leave it enabled for
+now, until we work out a decent way of presenting control to the config.  It
+will never be used because we use a new context every time. */
+#ifdef notdef
 (void) SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
+#endif

 /* Initialize with DH parameters if supplied */
 /* Initialize ECDH temp key parameter selection */

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

Reply via email to