On Mon June 20 2011, Alban Diquet wrote: > Hi all, > > I've encountered a strange issue. It might not be related to OpenSSL itself, > but maybe it is. > > When sending a Client Hello message that's larger than 270 bytes (not sure > what the exact limit is, 255 maybe?), lots of servers on the internet don't > send back any Server Hello, but keep the connection open, so my client ends > up returning a timeout. > It's really weird, has anyone seen that behavior ? > You can get to a 275 byte client hello for example by using OpenSSL 1.0.0.d > with a TLS1 hello, all the cipher suites explicitly enabled > 'ALL:NULL:@STRENGTH', and a non empty session ID field. >
Is that session ID still valid on the server when this happens? Is it a session ID that the server issued to your client? Mike > Then feel free to test it on Facebook. > Does anyone know what's going on there ? > > Thanks, > > > Alban Diquet > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
