Please note this question is not about the TLS vulnerability reported in Nov 2009.
When an openssl client requests a renegotiation while the server is sending data the client generates a fatal alert of "unexpected message". This behavior doesn't seem very robust because the client may not know when the server is about to send application data. Are there any workarounds to handle this scenario? This issue has been raised on this email list over the years but I can't find any responses. Here are a couple of the latest related posts: >From 2007: http://marc.info/?l=openssl-users&m=118897608028360&w=2 >From 2005: http://marc.info/?l=openssl-users&m=110858071920301&w=2 The system I'm using has openssl 0.9.8k. Thanks, Carl ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
