"Lukas Gebauer" <[email protected]> wrote on 22.1.2010 11:57:22:
>> I tested your DLLs (0.9.8l, compiled using VC), and they also caused >> HttpSend to hang. >> >> I don't know whether this is a bug of OpenSSL or HttpSend.pas. > >I track problem. Background is: > >Was found possible security problem in SSL/TLS protocol. (man-in- >middle attack during renegotiation). And openssl devs disable this >feature at all as prevention, and release it as version 0.9.8l. > >Reason why some https server working well and some not are simple. >Your server, where Synapse hangs, request renegotiation. Servers, >what working well, not requesting renegotiation. :-) > >But renegoitation is disabled now inside OpenSSL, and maybe is >something bad with server communication. Like both side waiting for >read... While I call ssl_recv OpenSSL API, then it hang and waiting >for some data what does not exists. > >I still not found any workaround... > >So, do not use 0.9.8.l version of OpenSSL yet! > Lukas, how about dumping everything to the OpenSSL devs? Maybe they can figure out something.. at least the error should happen instead of just freezing.. Regards, Miha -- It's time to get rid of your current e-mail client ... ... and start using si.Mail. It's small & free. ( http://www.simail.si/ ) ------------------------------------------------------------------------------ Throughout its 18-year history, RSA Conference consistently attracts the world's best and brightest in the field, creating opportunities for Conference attendees to learn about information security's most important issues through interactions with peers, luminaries and emerging and established companies. http://p.sf.net/sfu/rsaconf-dev2dev _______________________________________________ synalist-public mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/synalist-public
