[openssl-users] Sudden control data sent during large transfer.

Jakob Bohm jb-openssl at wisemo.com
Mon Dec 25 21:38:34 UTC 2017

On 23/12/2017 04:06, J Decker wrote:
> How can I know what/why openssl is sending control data?
> I have this Node addon that uses TLS 1.2 to communicate.  I'm sending 
> a large file transfer (100M), which is chunked into 8100 byte blocks 
> and sent on websocket protocol.  It's additionally chunked into 4327 
> byte blocks (which after encoding is 4356 bytes or 1452*3)  All of the 
> data is encoded into blocks and queued to transfer before I have a 
> problem.
> After some amount of data transfer OpenSSL starts sending 31 byte 
> control packets after basically each block received... when the other 
> side receives that data it doesn't do anything, but the ssl layer does 
> stop giving me completed packets (instead opting to generate 31 byte 
> packets) when the other side receives those, it doesn't do 
> anything.... (doesn't generate control sends back).
> Ad I mentioned all of the pendijng data is already queued to send, so 
> even if I received a control packet and it generated a response it 
> wouldn't get received for quite some time.
> I don't have control over what version of SSL is being used... but 
> this current test is 1.0.1m
> It's variable by the time it starts sending 31 byte packets... Also 
> depends on the connection; although at this time I'm able to generate 
> the problem on localhost... I was able to transfer from a remote 
> server to myself with no issues...
I think you need to be a lot more clear for anyone to understand your

What exactly do you mean by "control data"?

What is the layering of protocols here?
Is it:
    bulk data => WebSockets => TLS => TCP => network
    bulk data => TLS => WebSockets => TLS => TCP => network

In what direction is the bulk data being sent: TLS client to TLS
server or TLS server to TLS client?

In what direction is the initial 31 byte "control packet" being
sent: TLS client to TLS server or TLS server to TLS client?

Also, if possible, could you report the (decrypted if applicable)
content of those initial 31 bytes?  Perhaps also the later 31 byte
packets (including their order of occurrence and direction of

Can you see what the "packets" are?

For example, are they TLS alert messages?

Are they TLS HelloRequest messages?


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list