On Tue, May 09, 2006, Adam Ringel wrote: > Interestingly enough, we found out why the connection is failing. However, > we are not sure why openssl doesn't detect it as an error. > After we send the first hand-shake of the SSL negotiation to the server, > we get a RST (ECONNRESET) on the subsequent read for the server's > response. > We're not sure why right now but we think a piece of network equipment > (e.g. a firewall) is detecting an FTP session but gets confused when the > encrypted data starts and kills the connection. >
Maybe the negotiation isn't quite right. I'm not familiar with the protocol but it may have to be byte perfect so the client doesn't send any additional characters when the server is expecting a handshake *and* the client swallows the precise number of characters so the server response doesn't get mixed up. Though I'd expect a different error if the latter was the case. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]