[openssl-users] TLS Heartbeat

Rasool, Kaja Mohideen (Nokia - IN) kaja_mohideen.rasool at nokia.com
Sat Dec 10 13:09:38 UTC 2016


I'm trying to develop a server (Java - Netty NIO Library + OpenSSL) / client (C + OpenSSL) applications.

A. I started off writing my server using Netty+OpenSSL and used some python scripts available in web (https://gist.github.com/takeshixx/10107280) to test whether TLS Heartbeat with OpenSSL is fine. Strangely I found that OpenSSL responds to heartbeat only if the length of TLSPlainText.length is greater than 4096. This I have observed from testing, yet to see the OpenSSL code which imposes this limitation.

B. Then I started to write my client that uses SSL_heartbeat macro - but I didn't find any way to mention how much payload/padding to be used in the heartbeat message.

I need clarity on

1.       Whether the limitation observed in (A) above is correct? If so, is there any way to change it.

2.       How to provide inputs like payload/padding to be used to work-around the limitation (A) ?

Many thanks in advance,

With regards,
R Kaja Mohideen

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161210/23450d60/attachment.html>

More information about the openssl-users mailing list