On Fri, Dec 22, 2017 at 1:32 AM, Keshava Krishna Bhat K <keshavkrishna88@xxxxxxxxx> wrote: > Ok, I got to know that > openssl version -a gives out the flags used while building openssl. > so the output of this was > > OpenSSL 1.0.2g 1 Mar 2016 > built on: reproducible build, date unspecified > platform: debian-amd64 > options: bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx) > compiler: cc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS > -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -g -O2 > -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time > -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack > -Wall -DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT > -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM > -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM > -DGHASH_ASM -DECP_NISTZ256_ASM > OPENSSLDIR: "/usr/lib/ssl" > > Since the putput above does not have OPENSSL_NO_HEARTBEATS, I assume > heartbeats are not disabled in the build. > So I am back to square one :( -> how do I make the server respond to a TLS > heartbeat request ? Do I have to read the packet and write it back ? You should also check <openssl/opensslconf.h> for OPENSSL_NO_HEARTBEATS. $ cd openssl $ grep -B 1 -A 1 HEART include/openssl/opensslconf.h #endif #ifndef OPENSSL_NO_HEARTBEATS # define OPENSSL_NO_HEARTBEATS #endif Jeff -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
