[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: TLS negotiation failure
Emmanuel Dreyfus <manu@netbsd.org> wrote:
> - Reading SSL_get_error(3), I would be in the "EOF was observed that
> violates the procol" situation:
> SSL_ERROR_SYSCALL
> Some I/O error occurred. The OpenSSL error queue may contain more
> information on the error. If the error queue is empty (i.e.
> ERR_get_error() returns 0), ret can be used to find out more about
> the error: If ret == 0, an EOF was observed that violates the pro-
> tocol. If ret == -1, the underlying BIO reported an I/O error (for
> socket I/O on Unix systems, consult errno for details).
ssldump tells me that the connexion is immedialty terminated by the
client:
A connection, as reported by ssldump, that will exhibit "TLS negociation
failure:
New TCP connection #3: client (51203) <-> server (636)
3 0.0007 (0.0007) C>S TCP FIN
3 0.0014 (0.0007) S>C TCP FIN
A sane connextion;
New TCP connection #4: client (51204) <-> server (636)
4 1 0.0007 (0.0007) C>S SSLv2 compatible client hello
Version 3.1
cipher suites
Any idea of what could cause that?
--
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org