[openssl-users] TLS Heartbeat
Rasool, Kaja Mohideen (Nokia - IN)
kaja_mohideen.rasool at nokia.com
Sat Dec 10 13:09:38 UTC 2016
Hi,
I'm trying to develop a server (Java - Netty NIO Library + OpenSSL) / client (C + OpenSSL) applications.
A. I started off writing my server using Netty+OpenSSL and used some python scripts available in web (https://gist.github.com/takeshixx/10107280) to test whether TLS Heartbeat with OpenSSL is fine. Strangely I found that OpenSSL responds to heartbeat only if the length of TLSPlainText.length is greater than 4096. This I have observed from testing, yet to see the OpenSSL code which imposes this limitation.
B. Then I started to write my client that uses SSL_heartbeat macro - but I didn't find any way to mention how much payload/padding to be used in the heartbeat message.
I need clarity on
1. Whether the limitation observed in (A) above is correct? If so, is there any way to change it.
2. How to provide inputs like payload/padding to be used to work-around the limitation (A) ?
Many thanks in advance,
With regards,
R Kaja Mohideen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161210/23450d60/attachment.html>
More information about the openssl-users
mailing list