Hi Arun
On Fri, 22 Sep 2000, Arun Venkataraman wrote:
>
> Looks like the webserver handles SSLv3 properly but not SSLv23 (why?). I
> tried:
> "openSsl> s_client -debug -sslv3 -connect www.genowebpayment.de:443" and
> it
> worked fine.
You're right, I managed to connect like this as well. The Web Server used
is by the way IBM HTTP Server 1.3.6.2, so probably quite widely used.
What I found out as well:
- openssl s_client -ssl2 works
- openssl s_client -ssl3 works
So, only when I specify no protocol, the error occurs. What could that
mean?
Bye
Tim
>
> Arun.
>
> ----- Original Message -----
> From: "Tim Tassonis" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, September 22, 2000 9:17 AM
> Subject: bad mac decode in ssl handshake
>
>
> > Hi
> >
> > When I try to contact the following SSL site with s_client, I cannot
> > connect:
> >
> > www.genowebpayment.de:443
> >
> > I haven't got an idea what web server they're using, but I can connect
> > successfully with Netscape Communicator 4.75 under Linux for instance.
> >
> > The error occurs under 0.95a and 0.9.6-beta3 at least.
> >
> > This is the command I set up:
> >
> > openssl s_client -debug -connect www.genowebpayment.de:443
> >
> > And this is the output (after the verify) I get:
> >
> > verify return:0
> > read from 0814B978 [08150F20] (5 bytes => 5 (0x5))
> > 0000 - 16 03 00 00 04 .....
> > read from 0814B978 [08150F25] (4 bytes => 4 (0x4))
> > 0000 - 0e .
> > 0004 - <SPACES/NULS>
> > write to 0814B978 [0815A370] (137 bytes => 137 (0x89))
> > 0000 - 16 03 00 00 84 10 00 00-80 3f c3 0e 89 e0 fc 15
> .........?......
> > 0010 - c6 40 24 98 b6 f0 8a f0-2f f5 38 da f0 0e 3d 99
> .@$...../.8...=.
> > 0020 - ec d9 a7 b0 35 79 92 07-07 ad 3c 1d 1e 3f 0f a0
> ....5y....<..?..
> > 0030 - 08 59 e4 f9 98 2f 58 10-9d 51 4a af ea 70 f3 64
> .Y.../X..QJ..p.d
> > 0040 - 40 44 3c dd 1d ce 76 41-f7 35 60 5f f3 38 03 75
> @D<...vA.5`_.8.u
> > 0050 - 6b 03 22 4f 8e 2f c1 41-09 cd be 3a e5 82 d2 a3
> k."O./.A...:....
> > 0060 - 69 ae 4b 1b 99 ad 09 39-4b dd 82 e2 95 b8 eb 15
> i.K....9K.......
> > 0070 - 9c 9d f5 e4 f6 f2 ab 3b-08 25 5a 69 7f 5b 58 ab
> .......;.%Zi.[X.
> > 0080 - 55 b4 0a b8 00 c7 9a f4-7a U.......z
> > write to 0814B978 [0815A370] (6 bytes => 6 (0x6))
> > 0000 - 14 03 00 00 01 01 ......
> > write to 0814B978 [0815A370] (61 bytes => 61 (0x3D))
> > 0000 - 16 03 00 00 38 06 d3 88-fe e8 e0 2e e7 d4 fb 37
> ....8..........7
> > 0010 - ca e2 ec d3 4c 3d 8d 78-0b 0f 02 c5 4e 2e 22 4d
> ....L=.x....N."M
> > 0020 - 29 e0 e8 33 bc a8 f7 40-c6 7d a6 00 f2 cc 0b 5b
> )..3...@.}.....[
> > 0030 - 7d 9f 99 05 c8 47 17 a6-9a a8 20 dc 9e }....G.... ..
> > read from 0814B978 [08150F20] (5 bytes => 5 (0x5))
> > 0000 - 14 03 00 00 01 .....
> > read from 0814B978 [08150F25] (1 bytes => 1 (0x1))
> > 0000 - 01 .
> > read from 0814B978 [08150F20] (5 bytes => 5 (0x5))
> > 0000 - 15 03 00 00 12 .....
> > read from 0814B978 [08150F25] (18 bytes => 18 (0x12))
> > 0000 - 76 4e 6e 26 cc b7 62 08-69 a5 61 f1 b1 05 3e d1
> vNn&..b.i.a...>.
> > 0010 - c3 4d .M
> > write to 0814B978 [0815A370] (23 bytes => 23 (0x17))
> > 0000 - 15 03 00 00 12 80 33 d5-37 ca 49 35 81 53 72 b5
> ......3.7.I5.Sr.
> > 0010 - a7 f9 0b f7 b8 79 72 .....yr
> > 11479:error:1408F071:SSL routines:SSL3_GET_RECORD:bad mac
> > decode:s3_pkt.c:383:
> >
> > Any ideas, anybody
> >
> > Thanks
> > Tim
> >
> >
> >
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > Development Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
> >
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
