Since I never got any replies to this, I figured it might be useful to
update the group with the solution...

 

Indeed, the problem was with my application.

I was just using ::select() to see if there was data waiting for me to
SSL_read off the socket, which I came to discover is not reliable.

(thanks to Eric Rescorla's excellent book, "SSL and TLS")

Instead, I am now doing SSL_pending to see if there is data cached for
me in the SSL buffers.

 

In retrospect, I'm surprised at how well it worked for so long without
using the correct call to SSL_pending (or SSL_peek).

We never saw a problem until the client was Microsoft Exchange 2007.
(this is an SMTP/TLS application)

I still can't explain why MSFT being the client exposed this issue for
us, but they must be doing something slightly different.

 

I'm surprised nobody on this list picked up on my oversight below, so
here it is for the archives. :-)

n8

 

P.S. I never did find the changelist at the openssl.org website.

Apparently you have to download and unpack the whole tarball to find out
what has changed in that release.

Any chance we can get a "changelist" page on the website?

 

 

________________________________

From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, November 16, 2007 9:58 AM
To: openssl-users@openssl.org
Subject: caching problem?

 

This is probably an issue with my application, but before I spend too
much time digging into it, I wanted to make sure it isn't a known issue
with the library...

 

I am reading data off the wire, and sometimes I don't get the last
packet until the remote client has timed out and gone away.  Then the
final packet is suddenly available for reading off the wire.  I have
seen it happen with AES 256 and RC4 MD5 (128)


I am using the original 0.9.8 (July '05), and yes, I will try upgrading
to the latest 0.9.8g

 

BTW, is there a list of bugs which have been fixed in each release?

 

TIA,

n8
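The stall described in this thread, reproduced as an added example that is not part of the original posts: a toy record layer stands in for OpenSSL, so `rec_conn`, `rec_read` and `rec_pending` are hypothetical analogues of the SSL object, `SSL_read` and `SSL_pending`, and the one-byte length header is a constructed format. The library has to pull a whole record off the socket before it can return any plaintext, so a short application read leaves bytes that `select()` cannot see.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/select.h>
#include <sys/socket.h>

/* Toy model, not OpenSSL: fd plus a user-space buffer of decoded record data. */
struct rec_conn { int fd; unsigned char buf[256]; size_t len, off; };

/* Analogue of SSL_pending(): plaintext already buffered in user space. */
static size_t rec_pending(const struct rec_conn *c) { return c->len - c->off; }

/* Analogue of SSL_read(): touches the socket only when the buffer is empty. */
static ssize_t rec_read(struct rec_conn *c, void *out, size_t n) {
    if (rec_pending(c) == 0) {
        unsigned char hdr;                 /* constructed 1-byte length header */
        if (recv(c->fd, &hdr, 1, MSG_WAITALL) != 1) return -1;
        if (recv(c->fd, c->buf, hdr, MSG_WAITALL) != (ssize_t)hdr) return -1;
        c->len = hdr; c->off = 0;
    }
    if (n > rec_pending(c)) n = rec_pending(c);
    memcpy(out, c->buf + c->off, n);
    c->off += n;
    return (ssize_t)n;
}

/* Zero-timeout select(): does the kernel hold unread bytes for this fd? */
static int fd_readable(int fd) {
    fd_set r; struct timeval tv = {0, 0};
    FD_ZERO(&r); FD_SET(fd, &r);
    return select(fd + 1, &r, NULL, NULL, &tv) > 0;
}

/* Read loop with a 4-byte application buffer. use_pending=0 trusts select()
   alone; use_pending=1 also drains buffered data. Returns bytes left stranded. */
static int stranded(int use_pending) {
    int sv[2]; char out[4];
    const unsigned char wire[] = {6, 'Q','U','I','T','\r','\n'}; /* constructed record */
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    if (write(sv[0], wire, sizeof wire) != (ssize_t)sizeof wire) return -1;
    struct rec_conn c = { .fd = sv[1] };
    while (fd_readable(c.fd) || (use_pending && rec_pending(&c) > 0))
        if (rec_read(&c, out, sizeof out) < 0) break;
    int left = (int)rec_pending(&c);
    close(sv[0]); close(sv[1]);
    return left;
}

int main(void) { printf("%d %d\n", stranded(0), stranded(1)); return 0; }
```

With `select()` alone the last two bytes of the command stay in the buffer until the peer sends more or disconnects; checking the pending count before waiting again drains them.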

 
