Hi, I am just following up with my earlier mail as I did not get an answer. I now understand that the heartbeat mechanism is completely removed in OpenSSL 1.1.1, whereas it's still available in gnuTLS. So I do not understand why it was removed from OpenSSL Having your own keepalive mechanism(at application level) the only way forward ? I am still looking for some answers. Can someone throw some light on it ?
Regards, Vijay On Tue, Jun 9, 2020 at 2:25 PM Vijayakumar Kaliaperumal <vkali...@gmail.com> wrote: > Hello, > > From the release notes of OpenSSL 1.1.1, I could see that DTLS heartbeat > has been removed > . > Heartbeat support has been removed; the ABI is changed for now. > > With RFC 6520 in standards track, any specific reason(Vulnerability/other > security issue reported) for the removal ?, How can we re-enable it ? > Recompile OpenSSL without OPENSSL_NO_HEARTBEATS macro ? Please advise. > > Regards, > Vijay >