Dear Users,

I am in urgent need of help. If anyone can guide, I will be very
thankful. I have given problem details below after necessary
introduction.

I have scanned through the list archive as much as possible and I
could only find one message with a similar problem. The message is
http://marc.theaimsgroup.com/?l=openssl-users&m=109629664621684&w=2
Nobody replied to it.
I suspect this is with reference to the DoS flaw (resolved on 17/03/2004)
but I am not sure. I am already upgrading my OpenSSL version to check
out. If anyone can help please respond.

In my case,
- SSL_accept returns -1
- SSL_get_error returns SSL_ERROR_SSL
- SSL_error_string returns "error:00000001:lib(0):func(0):reason(1)"
- ERR_print_errors does not print anything so I presume the queue is empty.

The most intriguing part is when I was writing this server, I
developed a small client just to test connectivity. That client
succeeds. However, when doing live testing not a single connection was
accepted from outside. The test client was run on the same host. I
obtained network traffic using "ssldump"
(http://www.rtfm.com/ssldump/). Its dump is given below for a single
connection.

System details are as follows:
- Linux (RH 9)
- OpenSSL 0.9.7a
- x86 box

The ssldump gives
New TCP connection #144: w.x.y.z <-> a.b.c.d
144 1  0.0872 (0.0872)  C>SV3.0(57)  Handshake
      ClientHello
        Version 3.0
        random[32]=
          42 0a 0e cb b1 24 f5 d0 9d b6 27 3b 40 bc e2 37
          40 5d 24 05 c4 9b 31 d8 90 46 7b 28 c8 83 f5 c2
        cipher suites
        Unknown value 0x3a
        Unknown value 0x34
        SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
        SSL_DH_anon_WITH_DES_CBC_SHA
        SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
        SSL_DH_anon_WITH_RC4_128_MD5
        SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
        compression methods
                  NULL
144 2  0.0874 (0.0001)  S>CV3.0(2)  Alert
    level           fatal
    value           handshake_failure
144    0.0875 (0.0001)  S>C  TCP FIN
144    0.1368 (0.0492)  C>S  TCP FIN

Sometimes the last two lines of "TCP FIN" are there, sometimes not. I
am unable to obtain ssldump for the test localhost client.

Please guys, it is quite an urgent situation. Please respond quickly.

Regards
Nauman Akbar
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
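
Added example (not part of the original message or of OpenSSL/ssldump): a small Python parser for the ClientHello section of the ssldump output above. It lists the offered cipher suites, resolves the two values printed as "Unknown value" to their IANA registry names, and groups the suites so it is easy to see whether the client offered anything other than anonymous DH. The function names are hypothetical and the sample text is copied from the dump.

```python
import re

# IANA TLS cipher suite registry names for the two values ssldump printed
# as "Unknown value" (assumption: each is the low byte of a two-byte
# suite id whose high byte is 0x00).
IANA_NAMES = {
    0x34: "TLS_DH_anon_WITH_AES_128_CBC_SHA",
    0x3A: "TLS_DH_anon_WITH_AES_256_CBC_SHA",
}

# Cipher-suite section of the ClientHello, copied from the dump above.
SAMPLE = """\
        cipher suites
        Unknown value 0x3a
        Unknown value 0x34
        SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
        SSL_DH_anon_WITH_DES_CBC_SHA
        SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
        SSL_DH_anon_WITH_RC4_128_MD5
        SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
        compression methods
                  NULL
"""

def offered_suites(dump):
    """Return suite names listed between 'cipher suites' and 'compression methods'."""
    suites, inside = [], False
    for line in dump.splitlines():
        text = line.strip()
        if text == "cipher suites":
            inside = True
        elif text == "compression methods":
            inside = False
        elif inside and text:
            m = re.fullmatch(r"Unknown value (0x[0-9a-fA-F]+)", text)
            if m:
                value = int(m.group(1), 16)
                text = IANA_NAMES.get(value, "UNKNOWN_0x%04x" % value)
            suites.append(text)
    return suites

def summarize(dump):
    """Group the offered suites: anonymous DH, export-grade, everything else."""
    suites = offered_suites(dump)
    anon = [s for s in suites if "_DH_anon_" in s]
    export = [s for s in suites if "_EXPORT_" in s]
    other = [s for s in suites if s not in anon]
    return {"offered": suites, "anonymous": anon,
            "export": export, "not_anonymous": other}
```

For the dump above, `summarize(SAMPLE)` puts all seven offered suites in the `anonymous` group and leaves `not_anonymous` empty.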