You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2007/10/17 18:25:31 UTC

DO NOT REPLY [Bug 43644] New: - OpenSSL 0.9.8f causes "unusably short session_id provided" errors

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=43644>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=43644

           Summary: OpenSSL 0.9.8f causes "unusably short session_id
                    provided" errors
           Product: Apache httpd-2
           Version: 2.2.6
          Platform: All
        OS/Version: other
            Status: NEW
          Keywords: ErrorMessage
          Severity: normal
          Priority: P2
         Component: mod_ssl
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: Tom.Donovan@acm.org


Using OpenSSL version 0.9.8f (released 11-Oct-2007) causes each new SSL session
to log:

[Wed Oct 17 12:11:39 2007] [error] unusably short session_id provided (0 bytes)

This is not really an Apache bug. It is OpenSSL bug 1591:
 http://rt.openssl.org/Ticket/Display.html?id=1591&user=guest&pass=guest

Noted here because this causes excessive error log entries when OpenSSL 0.9.8f
is used with Apache.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

DO NOT REPLY [Bug 43644] - OpenSSL 0.9.8f causes "unusably short session_id provided" errors

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=43644>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=43644


Tom.Donovan@acm.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED




------- Additional Comments From Tom.Donovan@acm.org  2007-10-19 06:54 -------
OpenSSL 0.9.8g has been released 19-Oct-2007 which corrects this bug.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org