Article delegate-en/4101 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A4100@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: SSL no shared cipher
04 Sep 2008 06:27:43 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Andre,

In message <_A4100@delegate-en.ML_> on 09/04/08(08:17:05)
you =?ISO-8859-15?Q?Andr=E9_Egners?= <p4yhqbdyi-lnh3n2gq2gdr.ml@ml.delegate.org> wrote:
 |I tested the new Diffie-Hellman functionality a little more thoroughly
 |and it turns out that there is a problem.
 |If I start up the server as a https proxy with the necessary dhparam in
 |place (they do get loaded correctly),
 |and use this with forcing the use of a Diffie-Hellman cipher it works.
 |But if after a while of doing nothing
 |and just letting it sit there, it seems that it can't be restarted
 |again. Then I start getting a "no shared cipher" error
 |as before.
 |If I shut down the proxy and restart it again, it starts working again,
 |but only as longs a I don't start using
 |it after a while of doing nothing.
 |When no using Diffie-Hellman cipher the problem does not arise.

I don't know how to reproduce it but it might be solved by disabling the
SSL context/session cache of DeleGate as follows:

  TLSCONF=cache:no

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V