Hello,
> Then the problem: when i am doing SSL_write,
> it does return full length of the packet i send, but
> ethereal shows *two* application level packets.
> The packet indedd contains 0x00s. Can this be a
> problem ?

No, sending first "empty" SSL packet and next "real"
(with data) is CBC timing attack workaround.
Try setting SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS with
SSL_CTX_set_options() to check if this behavior
will change.

Best regards,
--
Marek Marcola

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org