The SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS option only affects how the OUTBOUND (i.e. SSL_write) records are split (or not), correct? It doesn't define any behavior for how the INBOUND records (i.e. SSL_read) should be split (or not), correct?
So, it's possible that different sides of an SSL connection could be splitting (or not) the records different ways. For example, suppose the client does NOT have the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS option set, but the server does. In this scenario the records coming from the client going to the server would be split and contain empty fragments, but the records coming from the server going to the client would NOT contain empty fragments. Is that correct? Thank you.