Re: SSL Library Error

Maddalena . Pulcini Thu, 07 Apr 2005 00:50:34 -0700

Hi (sorry for my english),
I got a similar problem.
openssl-0.9.7d has problems with some kind of ciphers; for example, my
client offers as first cipher AES256-SHA (....Negotiated ciphers:
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1)
and when transmission starts I get:



2005.03.07 12:54:08 LOG6[3764:1572]: SSL connected: new session negotiated
2005.03.07 12:54:08 LOG6[3764:1572]: Negotiated ciphers: AES256-SHA             
 SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
2005.03.07 12:54:30 LOG7[3764:1572]: SSL alert (write): fatal: bad record mac
2005.03.07 12:54:30 LOG3[3764:1572]: SSL_read: 1408F455: error:1408F455:SSL 
routines:SSL3_GET_RECORD:decryption failed or bad record mac
2005.03.07 12:54:30 LOG5[3764:1572]: Connection reset: 17 bytes sent to SSL, 
189 bytes sent to socket
2005.03.07 12:54:30 LOG7[3764:1572]: telnet finished (0 left)

Try to use for example RC4-MD5.
I also try to ask to someone if knows the changes to make on *.c and *.h
from openssl-0.9.7d  and the last version openssl-0.9.7f but anyone
answered.
So, if you know some good new, please write to me.

Regards

Maddalena Pulcini





"Kai-Uwe Schmidt" <[EMAIL PROTECTED]>@openssl.org on 06/04/2005
21.50.01

Please respond to openssl-users@openssl.org

Sent by:    [EMAIL PROTECTED]


To:    <openssl-users@openssl.org>
cc:

Subject:    SSL Library Error


Hi List,

can anyone point me to a solution for this ?

[Sat Apr 09 16:14:30 2005] [info] SSL library error 1 in handshake (server
muc03306:443, client 149.235.163.228)
[Sat Apr 09 16:14:30 2005] [info] SSL Library Error: 336131157
error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad record
mac
[Sat Apr 09 16:14:30 2005] [info] Connection to child 84 closed with
abortive shutdown(server muc03306:443, client 149.235.163.228)

i am using apache2-2.0.49-27.8 with openssl-0.9.7d-15.10 on a linux box.
This only happens under "heavy" load.

Has anyone a clue about this ?

regards
Kai-Uwe

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
 Automated List Manager                           [EMAIL PROTECTED]


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Re: SSL Library Error

Reply via email to