Hi,
On 27 Sep 2006, at 10:20, David Schwartz wrote:
>> Then the problem: when I am doing SSL_write,
>> it does return the full length of the packet I send,
>
> You don't send packets to SSL_write, you send bytes. It returns the number
> of bytes sent, and if the other end doesn't receive that number of bytes
> (possibly in multiple calls to SSL_read), you have found a problem.

The other side would return an error message:

ORA-31154: invalid XML document
ORA-19202: Error occurred in XML processing
LSX-00213: only 0 occurrences of particle "greeting", minimum is 1

It is totally confused, that is: I, as a client, would never send a greeting. One possible thing is that it got only part of the document. The second thing is two login attempts, which is an error.

>> but
>> ethereal shows *two* application level packets.
>
> It's not completely clear what you mean by "application level packets". SSL
> is a byte-stream protocol. It guarantees only that the other end will
> receive the same bytes in the same order. It does not glue bytes together in
> a way the application can use.
>
> There is no special reason you should care (except perhaps for
> performance/efficiency reasons) if you send 100 bytes and SSL sends them as
> a single 100-byte chunk or 100 1-byte chunks.

The tshark dump is the following:

72664.019667 130.59.10.95 -> 193.53.0.56 TLSv1 [TCP Retransmission] Server Hello, Certificate, Server Key Exchange, Server Hello Done
72664.035083 193.53.0.56 -> 130.59.10.95 TCP 7700 > 7700 [ACK] Seq=2996013302 Ack=106323215 Win=65535 Len=0 TSV=1368546303 TSER=2583245094
72664.634056 193.53.0.56 -> 130.59.10.95 TLSv1 [TCP Retransmission] Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
72664.663229 130.59.10.95 -> 193.53.0.56 TLSv1 [TCP Retransmission] Change Cipher Spec
72664.663315 193.53.0.56 -> 130.59.10.95 TCP 7700 > 7700 [ACK] Seq=2996013492 Ack=106323221 Win=65535 Len=0 TSV=1368546305 TSER=2583245740
72664.665924 130.59.10.95 -> 193.53.0.56 TLSv1 [TCP Retransmission] Encrypted Handshake Message
72664.665956 193.53.0.56 -> 130.59.10.95 TCP 7700 > 7700 [ACK] Seq=2996013492 Ack=106323266 Win=65535 Len=0 TSV=1368546305 TSER=2583245742
72664.675862 193.53.0.56 -> 130.59.10.95 TLSv1 [TCP Retransmission] Application Data, Application Data

This is after one call of SSL_write. As you see, SSL is transmitting two
separate application data packets.

>> The packet indeed contains 0x00s. Can this be a problem?
>
> Are you trying to manually decrypt the data? Why do you care what bytes the
> packets contain? You shouldn't be looking at the TCP level except to
> diagnose a problem at the SSL level. Do you have a problem?

The problem is having two application data packets when I call SSL_write only once. And yes, I want to decrypt these two packets, to see what they contain. Even if they both are valid packets, this would be an error, as I said. As for 0x00, this one is the C-wise end-of-the-string. Some applications have a separate function call for handling data containing it.

Aarno
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
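
Added example, not part of the original thread or of OpenSSL: a receiver that reassembles whole messages from a byte stream no matter how the bytes arrive, which is what the "possibly in multiple calls to SSL_read" remark above implies. It assumes a 4-byte big-endian length prefix before each message body (the thread does not state the application's framing); all names (stream_buf, sb_append, sb_next, replay) are hypothetical, and each piece stands in for whatever one read call returned.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define SB_CAP 1024   /* constructed limit for this example */
typedef struct { unsigned char buf[SB_CAP]; size_t len; } stream_buf;

/* Append one chunk exactly as a read call returned it; its size is arbitrary. */
int sb_append(stream_buf *s, const unsigned char *chunk, size_t n)
{
    if (n > SB_CAP - s->len) return -1;   /* would overflow the buffer */
    memcpy(s->buf + s->len, chunk, n);    /* memcpy, not strcpy: 0x00 is data */
    s->len += n;
    return 0;
}

/* Pop the next complete body into out. Returns its length (>= 0),
 * -1 if more bytes are needed, -2 if the announced length is too large. */
long sb_next(stream_buf *s, unsigned char *out, size_t cap)
{
    if (s->len < 4) return -1;            /* length prefix still incomplete */
    uint32_t body = ((uint32_t)s->buf[0] << 24) | ((uint32_t)s->buf[1] << 16) |
                    ((uint32_t)s->buf[2] << 8)  |  (uint32_t)s->buf[3];
    if (body > cap || body > (uint32_t)(SB_CAP - 4)) return -2;
    if (s->len - 4 < body) return -1;     /* body still incomplete */
    memcpy(out, s->buf + 4, body);
    s->len -= 4 + (size_t)body;
    memmove(s->buf, s->buf + 4 + body, s->len);  /* keep any following bytes */
    return (long)body;
}

/* Constructed sample: two messages back to back; the first body holds a 0x00. */
static const unsigned char SAMPLE[] = {0,0,0,5,'a','b',0,'c','d', 0,0,0,2,'o','k'};
size_t delivered_bytes;   /* body bytes handed over by the last replay() */

/* Feed SAMPLE in pieces of `piece` bytes; return the number of messages found. */
int replay(size_t piece)
{
    stream_buf s; unsigned char out[64]; int msgs = 0; long n;
    if (piece == 0) return -1;
    s.len = 0; delivered_bytes = 0;
    for (size_t off = 0; off < sizeof SAMPLE; off += piece) {
        size_t left = sizeof SAMPLE - off;
        if (sb_append(&s, SAMPLE + off, left < piece ? left : piece) != 0) return -1;
        while ((n = sb_next(&s, out, sizeof out)) >= 0) { msgs++; delivered_bytes += (size_t)n; }
        if (n == -2) return -1;
    }
    return msgs;
}

int main(void) { return (replay(1) == 2 && replay(15) == 2) ? 0 : 1; }
```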