There is one other SSL bug in pike 8. This happens very predictably when connecting to a roxen+pike8 with chromium. The problem is that from the close callback the session is removed from the session cache. If the session is in use in another connection, it ends up without master_secret which then leads to an error. Is invalidating the session correct behavior in this case? RFC 4346 in 7.2.1:
Note that as of TLS 1.1, failure to properly close a connection no longer requires that a session not be resumed. This is a change from TLS 1.0 to conform with widespread implementation practice.
arne
On 02/28/15 11:18, Arne Goedeke wrote:
On 02/27/15 22:18, Arne Goedeke wrote:
I will add testcases.
I just pushed a buffer mode test to socktest.pike. I also added a SSL test for a bug which I almost forgot about. is_open() hangs in blocking mode.