I've an openssl client talking ssl. The client was previously talking to an openssl server and everything was fine and dandy. We're now rewriting the server in java and we're seeing the following happen.
1) connecting to server WORKS
2) handshake WORKS
3) 1st request WORKS
4) 1st response WORKS
5) 2nd request WORKS
6) 2nd response FAILS
7) 3rd request WORKS
8) 3rd response FAILS
The 2nd response is about 130bytes encrypted and (should be) around 100bytes unencrypted. The client is successfully reading all those 130 bytes from the tcp socket, but after putting it threw SSL_read (like 1st respone), it only outputs 1 byte. No error after calling SSL_get_error...just 1 byte is returned successfully. I call SSL_pending directly afterwards and it returns 0.
The 3rd response now returns -1 SSL_ERROR_SSL "decryption failed or bad record mac"
I'm brand new to openssl and ive been battling this issue for several hours now. Any ideas would be much appreciated
UPDATE: relevant code
...
BIO* bio = BIO_new_mem_buff(sbuf, bufoutlen);
BIO_set_mem_close(bio,BIO_NOCLOSE);
ssl->rbio=bio;
int len = SSL_read(ssl, bufout, sbuflen); //<<return 1 even though buf has 130bytes
printf("pending=%d\n",SSL_pending(ssl)); //<<returns 0
