Re: Session ID caching in mod_ssl

[Ralf S. Engelschall]

On Wed, Feb 09, 2000, Anshuman Kanetkar wrote:

> Does mod_ssl ever explicitly turn session ID caching off? At least looking at
> the source code, it does not appear to do so. Is this intentional?
>
> [...]
>     if (mc->nSessionCacheMode == SSL_SCMODE_UNSET)
>         SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
>     else
>         SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER);
> [...]

No, it isn't intentional, it's a typo.
The following patch fixed this for mod_ssl 2.5.1:

Index: ssl_engine_init.c
===================================================================
RCS file: /e/modssl/cvs/mod_ssl/pkg.apache/src/modules/ssl/ssl_engine_init.c,v
retrieving revision 1.93
diff -u -r1.93 ssl_engine_init.c
--- ssl_engine_init.c   1999/12/30 20:58:08 1.93
+++ ssl_engine_init.c   2000/02/09 16:27:02
@@ -540,7 +540,7 @@
      * Configure additional context ingredients
      */
     SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
-    if (mc->nSessionCacheMode == SSL_SCMODE_UNSET)
+    if (mc->nSessionCacheMode == SSL_SCMODE_NONE)
         SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
     else
         SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER);

Thanks for your feedback.
                                       Ralf S. Engelschall
                                       [EMAIL PROTECTED]
                                       www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]