Originally Posted by Strephon Alkhalikoi
What exactly does the handshake cutthrough do?
GB brings this patch with openssl.
The constant for SSL_MODE_HANDSHAKE_CUTTHROUGH is defined 0x00000040L aka decimal 64.
In openss-1.0.1i SSL_MODE_SEND_SERVERHELLO_TIME is defined 0x00000040L, so SSL_MODE_HANDSHAKE_CUTTHROUGH goes up to 0x00000080L.
Our GB-framework uses this constant in org/apache/harmony/xnet/provider/jsse/NativeCrypto.java. SSL_MODE_HANDSHAKE_CUTTHROUGH is set to 0x40 (dec 64). I just changed that to 0x80 to work with openssl-1.0.1i
What it does? Basically it speeds up the SSL-handshake when connected to older server with SSLv3.