Comments inserted below.....
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Lutz Jaenicke
> Sent: 07 March 2001 12:32
> To: [EMAIL PROTECTED]
> Subject: Re: SSL_ERROR_SSL generated in SSL_connect
>
>
> On Wed, Mar 07, 2001 at 11:19:28AM -0000, Toby Shepheard wrote:
> > Small update:
> >
> > I got the proper error response working now (it was getting
> a bit late
> > yesterday, my brain obviously wasn't in top gear!), and it
> is as follows:
> >
> > error:140840FF:SSL routines:SSL3_CONNECT:unknown state
> >
> > Does this help anyone or provide any further indications of
> the problem?
> > What could cause an unknown state?
>
> Your problem shows, that the SSL object is not correctly initialized.
>
> * I assume, that we are talking about a recent version of OpenSSL.
> (Old versions (before 0.9.3?) required
> SSL_set_connect_state() before
> SSL_connect().)
I am using OpenSSL 0.9.6, 24 Sep 2000.
The server is Apache 1.3.17 with mod_ssl2.8.0-1.3.17
> * You want to perform a SSL_connect() with SSLv3 only (indicated by
> SSL3_CONNECT).
Yes
> * You have initialized the SSL_CTX with a SSLv3_client_method (or a
> generic SSLv3_method) or a SSLv23 method with SSL_OP_NO_* options
> set.
//Is this ok? I'm using the generic SSLv3_method
meth=SSLv3_method();
ctx=SSL_CTX_new(meth);
> * You are not reusing an old SSL object that was already used once and
> not cleared with SSL_clear()?
// The SSL object should be new (iSocket comes from TCP connect statement
earlier)
ssl = SSL_new(ctx);
err = SSL_set_fd(ssl, iSocket);
err = SSL_connect(ssl);
> Please check out all of these points first.
They seem ok to me. Thanks for the pointers though - any more ideas?
Thanks,
Toby
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
