I have found that there might be a different length computing in zlib V1.2.3 (or may be even in 1.2.2). In my opinion the length field set by zlib is ok. But openssl changes this length field in the SSL_OP_TLS_BLOCK_PADDING_BUG handling => ERROR (I traced the problem in openssl and zlib under openssl)
Until now I've got only one mail that the error might happen also with 1.2.2 (4) and 1.2.3 under apache. I've got also an hint on a restriction on RC4 which might help. But the restriction might be a problem with my usage scenario. Nothing more. I have produced openssl libs without zlib used by my program. This works fine. And with flexible ZLIB usage around Openssl and zlib level 1 and HTTP-chunking I've got best performance --- better than zlib level 6 (default) inside Openssl. - Christiane >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of Kurt Roeckx via RT >Sent: Sunday, December 25, 2005 11:35 AM >To: Kämpfe, Christiane >Cc: openssl-dev@openssl.org >Subject: [openssl.org #1204]: bad record mac because of wrong >SSL_OP_TLS_BLOCK_PADDING_BUG handling > > >Hi, > >Has there been any progress on finding what the cause of this is? > >There is also a bug open about this in the Debian bug tracking at: >http://bugs.debian.org/338006 > >There might be some more useful information in it. > > >Kurt > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
