[openssl-dev] [Bug] OpenSSL does not send short messages
Alex Hultman
alexhultman at gmail.com
Tue Apr 26 03:17:46 UTC 2016
Hi,
I've found a very central bug that affects all my OpenSSL applications
including the official server example code, the vanilla Node.js HTTPs
server and my (arguably non-correct) own server project.
https://github.com/openssl/openssl/issues/992
SSL_write followed by SSL_shutdown does not actually send the data passed
to SSL_write if the total data size sent is less than (on my system) 7-8
bytes.
If you consider the official example:
https://wiki.openssl.org/index.php/Simple_TLS_Server
(Note: I removed "SSL_CTX_set_ecdh_auto(ctx, 1);" to make it compile)
It responds Chrome with ERR_RESPONSE_HEADERS_TRUNCATED, while changing the
text sent to "Hello there" works and shows "Hello there" in Chrome. Same
goes for Curl. I've tested self-signed certs and one "half-signed" (crap
signer).
This is on Linux (Fedora 24) and I have OpenSSL 1.1.0 but I'm pretty sure
Node.js 5.x uses OpenSSL 1.0.2g.
Is this known behavior?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160426/65c8bc58/attachment-0001.html>
More information about the openssl-dev
mailing list