[openssl-dev] [openssl.org #3712] TLS Renegotiation with Java is broken
Salz, Rich via RT
rt at openssl.org
Mon Oct 12 16:22:35 UTC 2015
> AFAICT if SSL_read returns between the first handshake and the second, you
> don't get the problem.
I think it should not matter when or what SSL_read returns. That should only be returning application-level data to the caller. All state manipulations, etc., should be done underneath and completely hidden. So yes, I vote for fixing.
More information about the openssl-dev
mailing list