On 23/12/2017 04:06, J Decker wrote:
How can I know what/why openssl is sending control data?
I have this Node addon that uses TLS 1.2 to communicate. I'm sending
a large file transfer (100M), which is chunked into 8100 byte blocks
and sent on websocket protocol. It's additionally chunked into 4327
byte blocks (which after encoding is 4356 bytes or 1452*3) All of the
data is encoded into blocks and queued to transfer before I have a
problem.
After some amount of data transfer OpenSSL starts sending 31 byte
control packets after basically each block received... when the other
side receives that data it doesn't do anything, but the ssl layer does
stop giving me completed packets (instead opting to generate 31 byte
packets) when the other side receives those, it doesn't do
anything.... (doesn't generate control sends back).
Ad I mentioned all of the pendijng data is already queued to send, so
even if I received a control packet and it generated a response it
wouldn't get received for quite some time.
I don't have control over what version of SSL is being used... but
this current test is 1.0.1m
It's variable by the time it starts sending 31 byte packets... Also
depends on the connection; although at this time I'm able to generate
the problem on localhost... I was able to transfer from a remote
server to myself with no issues...
I think you need to be a lot more clear for anyone to understand your
problem.
What exactly do you mean by "control data"?
What is the layering of protocols here?
Is it:
bulk data => WebSockets => TLS => TCP => network
Or
bulk data => TLS => WebSockets => TLS => TCP => network
In what direction is the bulk data being sent: TLS client to TLS
server or TLS server to TLS client?
In what direction is the initial 31 byte "control packet" being
sent: TLS client to TLS server or TLS server to TLS client?
Also, if possible, could you report the (decrypted if applicable)
content of those initial 31 bytes? Perhaps also the later 31 byte
packets (including their order of occurrence and direction of
transmission)?
Can you see what the "packets" are?
For example, are they TLS alert messages?
Are they TLS HelloRequest messages?
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
