You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2015/03/09 17:52:08 UTC

[Bug 57680] New: SSLSessionCacheTimeout has no effect

https://bz.apache.org/bugzilla/show_bug.cgi?id=57680

            Bug ID: 57680
           Summary: SSLSessionCacheTimeout has no effect
           Product: Apache httpd-2
           Version: 2.4.6
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_ssl
          Assignee: bugs@httpd.apache.org
          Reporter: trianman@gmail.com

Seems that the value of SSLSessionCacheTimeout set in config is ignored by
mod_ssl.

I've tried to set this value to any other than default 300 but TLS session
stays in cache exact 300 seconds.
So if I set "SSLSessionCacheTimeout 15" I'll receive "shmcb_subcache_retrieve
found no match" message in log after a long 300 seconds.
If I set "SSLSessionCacheTimeout 36000"  I'll receive the same message also
after this 300 seconds.

The log for session timeout looks like this:
[Mon Mar 09 19:18:25.486926 2015] [ssl:info] [pid 28162] [client X.X.X.X:XXXXX]
AH01964: Connection to child 1 established (server example.com:443)
[Mon Mar 09 19:18:25.488688 2015] [socache_shmcb:debug] [pid 28162]
mod_socache_shmcb.c(522): AH00835: socache_shmcb_retrieve (0x7e -> subcache 62)
[Mon Mar 09 19:18:25.488786 2015] [socache_shmcb:debug] [pid 28162]
mod_socache_shmcb.c(877): AH00851: shmcb_subcache_retrieve found no match
[Mon Mar 09 19:18:25.488800 2015] [socache_shmcb:debug] [pid 28162]
mod_socache_shmcb.c(532): AH00836: leaving socache_shmcb_retrieve successfully
[Mon Mar 09 19:18:25.488888 2015] [ssl:debug] [pid 28162]
ssl_engine_kernel.c(1913): [client X.X.X.X:XXXXX] AH02043: SSL virtual host for
servername example.com found

The log for session reuse looks like this (Note absence of the
socache_shmcb:debug messages):
[Mon Mar 09 19:18:36.403065 2015] [ssl:info] [pid 28163] [client X.X.X.X:XXXXX]
AH01964: Connection to child 2 established (server example.com:443)
[Mon Mar 09 19:18:36.404696 2015] [ssl:debug] [pid 28163]
ssl_engine_kernel.c(1913): [client X.X.X.X:XXXXX] AH02043: SSL virtual host for
servername example.com found


I have
CentOS 7
httpd.x86_64    2.4.6-19.el7.centos
mod_ssl.x86_64  1:2.4.6-19.el7.centos
openssl.x86_64  1:1.0.1e-34.el7_0.7

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 57680] SSLSessionCacheTimeout has no effect

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=57680

Anton Andersen <tr...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |trianman@gmail.com

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org