[openssl-users] OpenSSL behavior for NULL characters

Karl Denninger karl at denninger.net
Tue Feb 14 04:28:51 UTC 2017


On 2/13/2017 18:41, Salz, Rich wrote:
>> It is a home grown HTTPS server.
> Well, then what does your server do?
>
> To be very very clear:  TLS is a *send the bytes* protocol.  It knows nothing about EBCDIC, ASCII, text, etc.

To back up what Rich has said I pass a LOT of data, including HTTPS and
binary protocols between different machines (which may contain any
particular set of bytes in a packet format) using OpenSSL as the
encryption method for said transport and I've had no issues whatsoever
with whatever I stuff in the pipe coming out the other end unmolested.

Do be aware of the semantics and exceptions (which you must handle -- or
else) described in the documentation however -- especially for
non-blocking sockets.  Due to the potential for renegotiations and
similar failing to pay attention to those can result in some pretty
interesting "surprises".

-- 
Karl Denninger
karl at denninger.net <mailto:karl at denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170213/172a7cb6/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2993 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170213/172a7cb6/attachment.bin>


More information about the openssl-users mailing list