> On Feb 13, 2017, at 3:53 PM, Salz, Rich <[hidden email]> wrote:
> What’s the serer on the other side? If it’s a web server, then \0 characters are generally illegal. If it’s s_server, then it, too, really wants ASCII lines.
For binary-clean input use the "-nocommads" option to s_client.
The remaining behaviour is then up to the server, though on EBCDIC
systems, the input is still assumed to be textual and ASCII conversion
will be attempted. The s_client(1) command is not "stunnel", it is a
diagnostic tool, not a proxy.
Well, then what does your server do?
To be very very clear: TLS is a *send the bytes* protocol. It knows nothing about EBCDIC, ASCII, text, etc.
To back up what Rich has said I pass a LOT of data, including HTTPS
and binary protocols between different machines (which may contain
any particular set of bytes in a packet format) using OpenSSL as the
encryption method for said transport and I've had no issues
whatsoever with whatever I stuff in the pipe coming out the other
Do be aware of the semantics and exceptions (which you must handle
-- or else) described in the documentation however -- especially for
non-blocking sockets. Due to the potential for renegotiations and
similar failing to pay attention to those can result in some pretty
Karl Denninger [hidden email] The Market Ticker [S/MIME encrypted email preferred]