Will Post-SSL-Renegotiation be coded for Apache 2.x?

Will Post-SSL-Renegotiation be coded for Apache 2.x?

am 07.10.2004 20:32:18 von Adolfo Bello

Hi list:

I don't know if this is the right list to place this question.

I've been eagerly awaiting the solution of the certificate renegotiation
with post problem for Apache2. However, I just took a look at Apache 2.1
code and found the same comment in ssl_engine_io.c regarding the
problem: this has not been re-implemented for Apache 2.

Will the solution be developed? If so, is there any time frame for this
re-implementation to be released?

Tanks in advance and sorry if this is not a question for this list.

Adolfo

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: Will Post-SSL-Renegotiation be coded for Apache 2.x?

am 08.10.2004 09:15:38 von Joe Orton

On Thu, Oct 07, 2004 at 02:32:18PM -0400, Adolfo Bello wrote:
> Hi list:
>
> I don't know if this is the right list to place this question.
>
> I've been eagerly awaiting the solution of the certificate renegotiation
> with post problem for Apache2. However, I just took a look at Apache 2.1
> code and found the same comment in ssl_engine_io.c regarding the
> problem: this has not been re-implemented for Apache 2.
>
> Will the solution be developed? If so, is there any time frame for this
> re-implementation to be released?

It looks like it'll have to be done in 2.0 like it is in 1.3, which is
unfortunate. If you add yourself to the CC field of the bug below,
you'll find out when someone gets a round tuit.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12355

It's a surprisingly difficult problem: it would really be best to solve
at the OpenSSL layer.

joe
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: Will Post-SSL-Renegotiation be coded for Apache 2.x?

am 08.10.2004 16:44:04 von Adolfo Bello

On Fri, 2004-10-08 at 03:15, Joe Orton wrote:
> On Thu, Oct 07, 2004 at 02:32:18PM -0400, Adolfo Bello wrote:
> > Hi list:
> >
> > I don't know if this is the right list to place this question.
> >
> > I've been eagerly awaiting the solution of the certificate renegotiation
> > with post problem for Apache2. However, I just took a look at Apache 2.1
> > code and found the same comment in ssl_engine_io.c regarding the
> > problem: this has not been re-implemented for Apache 2.
> >
> > Will the solution be developed? If so, is there any time frame for this
> > re-implementation to be released?
>
> It looks like it'll have to be done in 2.0 like it is in 1.3, which is
> unfortunate. If you add yourself to the CC field of the bug below,
> you'll find out when someone gets a round tuit.
>
> http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12355
>
> It's a surprisingly difficult problem: it would really be best to solve
> at the OpenSSL layer.
>
> joe

Joe:

Thanks a lot. And good luck.

Regards,

Adolfo

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org