Re: ssl renegotiate

2016-02-10 Thread Stefan Eissing
With r1729581, all seems fine again in handshake land. Stefan > Am 09.02.2016 um 21:54 schrieb Stefan Eissing : > > Testing in trunk, 2.4.x seems to be fine. It's the httpd/test/mod_h2/trunk > test cases (do not expect you to get that running). I will take a

Re: ssl renegotiate

2016-02-10 Thread Rainer Jung
Big oups, sorry! I was just doing a bisection. Happy I can stop that. Thanks a bunch, Rainer Am 10.02.2016 um 12:31 schrieb Stefan Eissing: With r1729581, all seems fine again in handshake land. Stefan Am 09.02.2016 um 21:54 schrieb Stefan Eissing : Testing

Re: ssl renegotiate

2016-02-09 Thread Rainer Jung
Am 09.02.2016 um 19:20 schrieb Stefan Eissing: Ah, closer look revealed that the first test was a cipher renegotiation using HTTP/1.1. That no longer works, but the slave connection checks do. So, false alarm on that front. Will disable the renegotiation tests that fail for now until the

Re: ssl renegotiate

2016-02-09 Thread Stefan Eissing
Testing in trunk, 2.4.x seems to be fine. It's the httpd/test/mod_h2/trunk test cases (do not expect you to get that running). I will take a closer look tomorrow as there is more fishy than just the renegotiation. I see more failures than that. I will try an earlier mod_ssl tomorrow and try to

Re: ssl renegotiate

2016-02-09 Thread Rainer Jung
Am 09.02.2016 um 20:03 schrieb Stefan Eissing: Am 09.02.2016 um 19:58 schrieb Rainer Jung : Am 09.02.2016 um 19:20 schrieb Stefan Eissing: Ah, closer look revealed that the first test was a cipher renegotiation using HTTP/1.1. That no longer works, but the slave

Re: ssl renegotiate

2016-02-09 Thread Stefan Eissing
> Am 09.02.2016 um 19:58 schrieb Rainer Jung : > > Am 09.02.2016 um 19:20 schrieb Stefan Eissing: >> Ah, closer look revealed that the first test was a cipher renegotiation >> using HTTP/1.1. That no longer works, but the slave connection checks do. >> So, false alarm

ssl renegotiate

2016-02-09 Thread Stefan Eissing
With the new renegotiate code, I get failures in trunk for my tests that expect renegotiation to fail on slave connections. Rainer, not sure how this works now. Can you have a look? -Stefan

Re: ssl renegotiate

2016-02-09 Thread Stefan Eissing
Ah, closer look revealed that the first test was a cipher renegotiation using HTTP/1.1. That no longer works, but the slave connection checks do. So, false alarm on that front. Will disable the renegotiation tests that fail for now until the 1.1.0 openssl work is done... Sorry for the