On Wed, Aug 11, 1999, [EMAIL PROTECTED] wrote:
> [EMAIL PROTECTED] writes:
>
> > Our QA team noticed that a browser had connected to the server using a
> > particular cipher, the server was then configured to not allow that cipher,
> > the server was re-started, and the browser was able to resume its session
> > using the now dis-allowed cipher.
>
> I mean, should O_TRUNC be added to ssl_dbm_open in ssl_scache_dbm_init (not
> in every call to ssl_dbm_open)?

Hmmm... I've no great opinion on this issue. I can see reasonable arguments
for both keeping the DBM file and truncating it. At least I've no objection
to using O_TRUNC or doing an unlink before ssl_dbm_open in
ssl_scache_dbm_init. What is the opinion of others?

Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
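
Added example, not part of the original message and not mod_ssl code: a flat-file stand-in for the DBM session cache, showing that a cached session survives a restart unless the file is truncated when the cache is initialised. The function names, the record layout, the session id and the cipher name are all constructed for illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
struct rec { char id[16]; char cipher[32]; };  /* constructed record layout */

/* Server start: open the cache file; truncate_on_init models adding O_TRUNC. */
int cache_init(const char *path, int truncate_on_init) {
    return open(path, O_RDWR | O_CREAT | (truncate_on_init ? O_TRUNC : 0), 0600);
}
int cache_store(int fd, const char *id, const char *cipher) {
    struct rec r;
    memset(&r, 0, sizeof r);
    snprintf(r.id, sizeof r.id, "%s", id);
    snprintf(r.cipher, sizeof r.cipher, "%s", cipher);
    if (lseek(fd, 0, SEEK_END) < 0) return -1;
    return write(fd, &r, sizeof r) == (ssize_t)sizeof r ? 0 : -1;
}

/* Returns 1 and copies the stored cipher name if the id is cached, else 0. */
int cache_lookup(int fd, const char *id, char *cipher, size_t n) {
    struct rec r;
    if (lseek(fd, 0, SEEK_SET) < 0) return 0;
    while (read(fd, &r, sizeof r) == (ssize_t)sizeof r)
        if (strcmp(r.id, id) == 0) { snprintf(cipher, n, "%s", r.cipher); return 1; }
    return 0;
}

/* Cache a session, "restart" the server, report whether it is still resumable. */
int resumable_after_restart(const char *path, int truncate_on_init) {
    char cipher[32];
    unlink(path);                              /* start from an empty cache */
    int fd = cache_init(path, 0);
    if (fd < 0) return -1;
    int rc = cache_store(fd, "sess-0001", "EXAMPLE-CIPHER-A");
    close(fd);                                 /* server stops */
    if (rc < 0) return -1;
    fd = cache_init(path, truncate_on_init);   /* server starts again */
    if (fd < 0) return -1;
    int hit = cache_lookup(fd, "sess-0001", cipher, sizeof cipher);
    close(fd);
    unlink(path);
    return hit;
}

int main(void) {
    printf("no O_TRUNC: %d\n", resumable_after_restart("scache_demo.bin", 0));
    printf("O_TRUNC:    %d\n", resumable_after_restart("scache_demo.bin", 1));
    return 0;
}
```

Without truncation the lookup after the restart still returns the old record with its original cipher name, which matches the behaviour the QA team reported; with truncation at init the lookup misses and the client would have to do a full handshake.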