[openssl-users] Version negotiation failure failure?
Jordan Brown
openssl at jordan.maileater.net
Tue Sep 11 00:27:36 UTC 2018
On 9/10/2018 1:42 PM, Kurt Roeckx wrote:
> I can not reproduce this in 1.0.1, 1.0.2, 1.1.0 or 1.1.1. I believe
> this was fixed in all branches. I've tried 1.0.2o too, and I still get
> the alert back.
Interesting. My attempts were on Solaris x86[*]. I'll have to try
other platforms.
[...later...]
With the Cygwin server (1.0.2n), I get different behavior.
The server says:
4294956672:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert
handshake failure:s3_pkt.c:1500:SSL alert number 40
where you might recall the Solaris server said:
1:error:14076102:SSL routines:SSL23_GET_CLIENT_HELLO:unsupported
protocol:s23_srvr.c:605:
The client (either Solaris or Cygwin) says:
1:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:365:
which is perfect.
Time to go figure out why our OpenSSL server is misbehaving.
[*] As you might infer from my signature below, I work for Oracle in
the Solaris group. My immediate organization is primarily concerned
with our Solaris-based storage products. (That's not quite
accurate, but you don't want to know about our org chart.)
--
Jordan Brown, Oracle Solaris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180911/b0ccca96/attachment-0001.html>
More information about the openssl-users
mailing list