Bug ID 425032

AskF5 Home
Bug Tracker
ID 425032

Bug ID 425032: Connection hangs with AES and DES ciphers and option "Don't insert empty fragments" disabled

Last Modified: Nov 14, 2022

Bug Tracker

Affected Product: See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.4.1

Fixed In:
11.5.0

Opened: Jul 11, 2013
Severity: 3-Major
Related Article: K16141

Symptoms

Connection hangs with AES and DES ciphers and option "Don’t insert empty fragments" disabled. The connection with AES256-SHA is hanging when using SSLv3 or TLSv1.0.

Impact

connection hangs

Conditions

This issue happens specifically when option "Don’t insert empty fragments" is disabled. client: openssl server: apache.

Workaround

None

Fix Information

Do not send empty fragment for TLS 1.1 and 1.2 on block ciphers. Only send empty fragment when we are going to send any egress data.

Bug ID 425032: Connection hangs with AES and DES ciphers and option "Don't insert empty fragments" disabled

Bug Tracker

Symptoms

Impact

Conditions

Workaround

Fix Information

Behavior Change

Have a question?

About F5

Education

F5 sites

Support Tasks

Bug ID 425032: Connection hangs with AES and DES ciphers and option "Don't insert empty fragments" disabled

Bug Tracker

Symptoms

Impact

Conditions

Workaround

Fix Information

Behavior Change

Have a question?

Follow Us

About F5

Education

F5 sites

Support Tasks