Comment 16 for bug 592442

Clint Byrum (clint-fewbar) wrote :

Steve, thanks for looking into this further.

I've unassigned myself from the SSL portion of this, as I am not really the best person to address the issue fully.

According to this:

http://www.openssl.org/news/changelog.html

I see where rfc4507bis support was added in 0.9.8e, then (confusingly) again in 0.9.8n. Maybe it was removed from f or g??

Anyway, the answer to this question suggests that it may be that the server is actually in error here, which maybe OpenSSL should handle more gracefully.

http://stackoverflow.com/questions/2667514/openssl-sessionticket-tls-extension-problem

Seems to me that there is a need then to allow disabling the SessionTicket extension to the SSL context options:

http://us2.php.net/manual/en/context.ssl.php

So, I've submitted this PHP bug which would allow disabling the SessionTicket extension.

http://bugs.php.net/bug.php?id=53447

Marking the PHP portion of this Triaged. I suspect that OpenSSL is actually doing the right thing here, and so suggest that it might be Invalid (though I'd like somebody more familiar with OpenSSL to make that change).