1.
      panpipi

      [Avatar]
      2006-09-22 16:27:10 UTC
      Hi,

      It seems that I found a serious bug in yaSSL C library.

      When my client calls SSL_Write() with a long msg of length 13173 bytes, the peer server has problem in SSL_Read() to decoding the long msg because the long msg actually arrives at server in 3 pieces.

      It seems SSL_read should buffer msgs till complete SSL packet arrives before it goes on decoding.

      Please help look into this problem if it is one.

      Thanks.

      Peter
   2.
      touskaProject Admin

      [Avatar]
      2006-09-22 19:10:02 UTC
      Yes, that's right. wolfSSL should buffer incomplete messages like yaSSL does, I'll fix this.

      Thanks for the report.
   3.
      panpipi

      [Avatar]
      2006-09-22 21:03:24 UTC
      Hi,

      It is great. Thanks for the prompt response!

      By the way, most functions in the library need some self-protection, eg. verifying input SSL* parameter not null, verifying that incompatible methods parameter of SSL_CTX_new() on either side won't cause core dump. I ignorantly set my SSL server to use TLSv1_client_method() which caused the server to crash in SSL_Accept() or MD5Update().

      Peter