From: Lutz Jaenicke <[EMAIL PROTECTED]> Lutz.Jaenicke> The (needed) fix should have one side effect (from Lutz.Jaenicke> conclusion, I did not try it): Since the SSL_connect() Lutz.Jaenicke> is now performed with SSLv2 only, in case the session Lutz.Jaenicke> cannot be reused, the new session will also be of type Lutz.Jaenicke> SSLv2, even if both the server and the client could do Lutz.Jaenicke> better. Hmm, isn't this true for SSL3 and TLS1 as well? I'm not that good at finding my way in the SSL-specific code yet so I may very well be missing something. Lutz.Jaenicke> +1 to change this in both current and stable. OK. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Software Engineer, Celo Communications: http://www.celocom.com/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Session reuse on client side when the session runs SSLv2 fails
Richard Levitte - VMS Whacker Fri, 02 Mar 2001 03:15:01 -0800
- Session reuse on client side when the sessio... Richard Levitte - VMS Whacker
- Re: Session reuse on client side when t... Lutz Jaenicke
- Re: Session reuse on client side when t... Richard Levitte - VMS Whacker
- Re: Session reuse on client side wh... Lutz Jaenicke
