Hi, I've found a very central bug that affects all my OpenSSL applications including the official server example code, the vanilla Node.js HTTPs server and my (arguably non-correct) own server project.
https://github.com/openssl/openssl/issues/992 SSL_write followed by SSL_shutdown does not actually send the data passed to SSL_write if the total data size sent is less than (on my system) 7-8 bytes. If you consider the official example: https://wiki.openssl.org/index.php/Simple_TLS_Server (Note: I removed "SSL_CTX_set_ecdh_auto(ctx, 1);" to make it compile) It responds Chrome with ERR_RESPONSE_HEADERS_TRUNCATED, while changing the text sent to "Hello there" works and shows "Hello there" in Chrome. Same goes for Curl. I've tested self-signed certs and one "half-signed" (crap signer). This is on Linux (Fedora 24) and I have OpenSSL 1.1.0 but I'm pretty sure Node.js 5.x uses OpenSSL 1.0.2g. Is this known behavior?
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
