Hi Steve,
Do you also agree with David's proposal to change the calls to
BIO_ctrl(, BIO_CTRL_INFO, ) into BIO_wpending() in ssl/*.c? It seems
to
make sense to me.
Yes, I've applied it to all branches now. Many thanks David. Ticket
resolved.
Just a postscript to the issue. The above
Hi Stephen,
I can't see how anything could cause an issue with 85 CAs. The attached
descriptions imply it might be a mod_ssl issue (not reproducible with
s_server).
There is a bit more information now in our ticket:
https://savannah.cern.ch/bugs/?48458
Romain Wartel wrote:
So 4
Hi Roumen,
it hangs the same , remove a few cas and it works.
# rpm -q httpd mod_ssl openssl fedora-release
httpd-2.2.11-8.x86_64
mod_ssl-2.2.11-8.x86_64
openssl-0.9.8k-4.fc11.x86_64
fedora-release-11-1.noarch
[...]
May be problem is in 64-bit OpenSSL (fedora?)
Dear OpenSSL developers,
please have a look at the following bug about a bad interaction
between mod_ssl and openssl 0.9.7, 0.9.8 and possibly higher
versions when the server side supports more than 85 CAs:
https://issues.apache.org/bugzilla/show_bug.cgi?id=46952
So far this has only caused
Hi Stephen,
[EMAIL PROTECTED] - Thu Nov 06 09:19:52 2008]:
Why not increase the default, say, to 100 instead, as Globus did?
What did they actually change?
Changing the line:
9, /* depth */
in x509_vpm.c should do the trick. Can you confirm this
Dear OpenSSL developers,
on August 14 I posted this matter to the developer list. There has
been no response. Please include this issue in the bug tracker.
Various grid projects have run into the default maximum chain length
of 9 being too low. These bug reports show examples:
