[EMAIL PROTECTED] writes:
> Our QA team noticed that a browser had connected to the server using a
> particular cipher, the server was then configured to not allow that cipher,
> the server was re-started, and the browser was able to resume its session
> using the now dis-allowed cipher.
I mean, should O_TRUNC be added to ssl_dbm_open in ssl_scache_dbm_init (not
in every call to ssl_dbm_open)?
-Tom
--
Tom Vaughan <tvaughan at aventail dot com>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
