I am working on an application on Mac OS X that's using OpenSSL to talk
to a server via SSL. Because I'm using custom nonblocking socket code, I
setup a BIO pair to do the SSL encoding internally. Everything works
great--handshaking is successful, data is properly encrypted and
decrypted, and the application and server are both properly sending and
receiving data--except that OpenSSL is generating a lot of records that,
when decoded, have no data. I.e., they are valid SSL application data
records, but the records have no payload. This is a problem both because
I'm wasting about 24 kB/min and because matrixSsl, which runs the SSL
stack on the server, aborts the connection fairly quickly because it
interprets the large number of payload-less SSL packets as a DoS attack.
I verified both that BIO_write is never told to write 0 bytes to either
end of the BIO pair, and that BIO_write never returns 0 from either end
of the pair. Does anyone have any idea what I could be doing wrong, or
else, perhaps what setting I need to disable so that these packets
aren't generated internally?
Thanks very much.
Benjamin Pollack
Fog Creek Software
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
