SSL_connect error with openSSL 1.1.1

Samiya Khanum samiya.khanum at broadcom.com
Fri Apr 28 14:25:26 UTC 2023 

Hi All,

I am trying to connect to* "smtp.gmail.com <http://smtp.gmail.com>"* with
port *"465".*

With OpenSSL 1.0.2p, I don't see any issue. SSL_connect is always
successful. Method used is TLSv1_method.

But with the openSSL to 1.1.1m and OpenSSL 3.0.7, I am seeing below errors.

*SSL_connect err = error:00000005:lib(0):func(0):DH lib*
*                           (or)*
*SSL_connect err = error:00000005:lib(0)::reason(5)*
*                          (or)*

*SSL_connect err = error:00000001:lib(0):func(0):reason(1)*

Here I am using the TLS_method.
Do we need to set anything before the SSL_connect call? Am I missing
something? Please advise.

Surprisingly it worked 2/20 times.
Can we print detailed information about errors/ debugs with any SSL set
call? Please let me know.

*Below is the code for TLS connection:*

 *ctx=SSL_CTX_new(TLS_method());*
* if (ctx == NULL)*
* {*
*    SocketClose(sd);*
*    return FAILURE;*
*  }*

*  con=SSL_new(ctx);*
*  if(con == NULL)*
*  {*
*    SSL_CTX_free(ctx);*
*    SocketClose(sd);*
*    return FAILURE;*
*  }*

*  SSL_set_fd (con, sd);*

*  err = SSL_connect(con);*
*  if(err == -1)*
*  {*
     err2 = SSL_get_error(con, err);
     printf("\r\nSSL_connect err = %s", ERR_error_string(err2, 0));
    * SSL_shutdown(con);*
*    SSL_free(con);*
*    SocketClose(sd);*
*    return FAILURE;*
*  }*

*   printf("TLS CONNECTION IS SUCCESSFUL");*
*   /* Data send and receive */*

*   /* Close the connection */*
*   if (con != NULL)*
*   {*
     *SSL_shutdown(con);*
*     SSL_free(con);*
     *SocketClose(sd);*
*   }*

Thanks in advance.

Thanks & Regards,
Samiya khanum

-- 
This electronic communication and the information and any files transmitted 
with it, or attached to it, are confidential and are intended solely for 
the use of the individual or entity to whom it is addressed and may contain 
information that is confidential, legally privileged, protected by privacy 
laws, or otherwise restricted from disclosure to anyone else. If you are 
not the intended recipient or the person responsible for delivering the 
e-mail to the intended recipient, you are hereby notified that any use, 
copying, distributing, dissemination, forwarding, printing, or copying of 
this e-mail is strictly prohibited. If you received this e-mail in error, 
please return the e-mail to the sender, delete it from your computer, and 
destroy any printed copy of it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230428/06cd0b20/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4212 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230428/06cd0b20/attachment.p7s>

More information about the openssl-users mailing list