<div dir="ltr">I found the real issue... recently I fixed a signed/unsigned comparison warning by adding a (int) to the unsigned side, which made the result of send() be compared differently, and was triggering when send() would return -1 (with EAGAIN/WSAEWOULDBLOCK) would cause me to think it was a short send ( result < amount_to_send ) { /* sent less than full packet */ } so I ended up backing up the send offset by 1 byte instead of 0 bytes... this was then injecting 1 extra byte into the TCP layer. <div><br><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Dec 25, 2017 at 1:38 PM, Jakob Bohm <span dir="ltr"><<a href="mailto:jb-openssl@wisemo.com" target="_blank">jb-openssl@wisemo.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="gmail-HOEnZb"><div class="gmail-h5">On 23/12/2017 04:06, J Decker wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
How can I know what/why openssl is sending control data?<br><br>
It's variable by the time it starts sending 31 byte packets... Also depends on the connection; although at this time I'm able to generate the problem on localhost... I was able to transfer from a remote server to myself with no issues...<br>
<br>
</blockquote></div></div>
I think you need to be a lot more clear for anyone to understand your<br>
problem.<br>
<br>
What exactly do you mean by "control data"?<br></blockquote><div><br></div><div>alerts/HelloRequest/renegotation?</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
What is the layering of protocols here?<br>
Is it:<br>
bulk data => WebSockets => TLS => TCP => network<br><br>
In what direction is the bulk data being sent: TLS client to TLS<br>
server or TLS server to TLS client?<br></blockquote><div>server to client. </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
In what direction is the initial 31 byte "control packet" being<br>
sent: TLS client to TLS server or TLS server to TLS client?<br>
<br></blockquote><div>client to server </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
Also, if possible, could you report the (decrypted if applicable)<br>
content of those initial 31 bytes? Perhaps also the later 31 byte<br>
packets (including their order of occurrence and direction of<br>
transmission)?<br>
<br>
Can you see what the "packets" are?<br></blockquote><div><br></div><div>I wouldn't know the decrypted bytes because I would get them from the wbio from the TLS Object.</div><div>Well that's kinda what I was more asking; can I somehow register a callback for when alerts are generated so I can see what they are? Otherwise I really don't know.</div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
For example, are they TLS alert messages?<br>
<br>
Are they TLS HelloRequest messages?</blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
<br>
Enjoy<br>
<br>
Jakob<span class="gmail-HOEnZb"><font color="#888888"><br>
-- <br>
Jakob Bohm, CIO, Partner, WiseMo A/S. <a href="https://www.wisemo.com" rel="noreferrer" target="_blank">https://www.wisemo.com</a><br>
Transformervej 29, 2860 Søborg, Denmark. Direct <a href="tel:%2B45%2031%2013%2016%2010" value="+4531131610" target="_blank">+45 31 13 16 10</a><br>
This public discussion message is non-binding and may contain errors.<br>
WiseMo - Remote Service Management for PCs, Phones and Embedded<br>
<br>
-- <br>
openssl-users mailing list<br>
To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/mailma<wbr>n/listinfo/openssl-users</a><br>
</font></span></blockquote></div><br></div></div></div>