> > -----Original Message----- > > From: Matthias Apitz [mailto:g...@unixarea.de] > > Sent: Thursday, April 10, 2014 6:41 AM > > To: Apitz,Matthias > > Subject: Fwd: RE: OpenSSL Security Advisory > > > > ----- Forwarded message from "Salz, Rich" <rs...@akamai.com> ----- > > > > Date: Wed, 9 Apr 2014 15:43:28 -0400 > > From: "Salz, Rich" <rs...@akamai.com> > > To: "openssl-users@openssl.org" <openssl-users@openssl.org> > > Subject: RE: OpenSSL Security Advisory > > > > > Can you please post a "good" and a "bad" server example. I have > > tested a lot of servers, including 'akamai.com', and they all show > > HEARTBEATING at the end: > > > > Look at Victor's recent post about how to patch openssl/s_client to > > make your own test. That's the simplest. My example tests only > > for those who have disabled TLs heartbeats, which is the safest > > thing, but not necessarily the only thing, to do. > >
Hello, I have instrumented an openssl 1.0.1f as posted by Victor: guru@hein:~/openssl-1.0.1f> diff ssl/t1_lib.c.unpatched ssl/t1_lib.c 2671c2671 < s2n(payload, p); --- > s2n(0x4000, p); but I still see HEARTBEATING, for example even from www.openssl.org: guru@hein:~/openssl-1.0.1f/apps> (sleep 3 ; echo B ; sleep 3) | ./openssl s_client -connect www.openssl.org:443 ... HEARTBEATING DONE Do I something wrong? Thx matthias -- Matthias Apitz | /"\ ASCII Ribbon Campaign: www.asciiribbon.org E-mail: g...@unixarea.de | \ / - No HTML/RTF in E-mail WWW: http://www.unixarea.de/ | X - No proprietary attachments phone: +49-170-4527211 | / \ - Respect for open standards ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org