csross wrote:
>
> I'm running solaris openssl 097l and I upgraded to 098h. I see errors in
> the logs that seem like debugging errors that showed up, but seemed to
> happen in both versions I believe. I am using a certificate from another
> machine to test for this server. I believe the error messages generate
> when I access the page (as the IP is my PC), and the https pages does come
> up.
>
> There are entries when I start ssl, and the entries when I request an
> https page. I've removed alot of lines that contain only debug errors and
> no messages.
>
> 1) I am seeing all debug errors (they are bolded)
> 2) In the same session, it seems to start different connections, and them
> some of them see to close badly (could that be when I look at the
> certificate)
>
> Thank you in advance for any assistance.
>
> [Thu Oct 30 10:45:22 2008] [info] Loading certificate & private key of
> SSL-aware server
> [Thu Oct 30 10:45:22 2008] [debug] ssl_engine_pphrase.c(469): unencrypted
> RSA private key - pass phrase not required
> [Thu Oct 30 10:45:26 2008] [info] Configuring server for SSL protocol
> [Thu Oct 30 10:45:26 2008] [debug] ssl_engine_init.c(384): Creating new
> SSL context (protocols: SSLv2, SSLv3, TLSv1)
> [Thu Oct 30 10:45:26 2008] [debug] ssl_engine_init.c(580): Configuring
> permitted SSL ciphers
> [ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL]
> [Thu Oct 30 10:45:26 2008] [debug] ssl_engine_init.c(708): Configuring RSA
> server certificate
> [Thu Oct 30 10:45:26 2008] [debug] ssl_engine_init.c(747): Configuring RSA
> server private key
>
> [Thu Oct 30 10:46:31 2008] [info] [client 10.10.10.60] Connection to child
> 9 established (server www.server.com:443)
>
> [Thu Oct 30 10:46:31 2008] [info] Seeding PRNG with 0 bytes of entropy
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_kernel.c(1752): OpenSSL:
> Handshake: start
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: before/accept initialization
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_io.c(1817): OpenSSL: read
> 11/11 bytes from BIO#18f278 [mem: 1a50a8] (BIO dump follows)
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_io.c(1750):
> +-------------------------------------------------------------------------+
> ......
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: SSLv3 read client hello A
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: SSLv3 write server hello A
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: SSLv3 write certificate A
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: SSLv3 write server done A
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: SSLv3 flush data
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_io.c(1817): OpenSSL: read
> 5/5 bytes from BIO#18f278 [mem: 1a50a8] (BIO dump follows)
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_io.c(1750):
> +-------------------------------------------------------------------------+
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: SSLv3 write finished A
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: SSLv3 flush data
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_kernel.c(1756): OpenSSL:
> Handshake: done
> [Thu Oct 30 10:46:31 2008] [info] Connection: Client IP: 10.10.10.60,
> Protocol: TLSv1, Cipher: RC4-MD5 (128/128 bits)
>
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_io.c(1828): OpenSSL: I/O
> error, 5 bytes expected to read on BIO#18f278 [mem: 1a50a8]
>
> [Thu Oct 30 10:46:31 2008] [info] [client 10.10.10.60] (70014)End of file
> found: SSL input filter read failed.
> [Thu Oct 30 10:46:31 2008] [debug] ssl_engine_kernel.c(1770): OpenSSL:
> Write: SSL negotiation finished successfully
> [Thu Oct 30 10:46:31 2008] [info] [client 10.10.10.60] Connection closed
> to child 9 with standard shutdown (server www.server.com:443)
> [Thu Oct 30 10:46:36 2008] [info] [client 10.10.10.60] Connection to child
> 16 established (server www.server.com:443)
> [Thu Oct 30 10:46:36 2008] [info] Seeding PRNG with 0 bytes of entropy
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_kernel.c(1752): OpenSSL:
> Handshake: start
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: before/accept initialization
> ------------------------------+
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: SSLv3 read client hello A
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: SSLv3 write server hello A
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: SSLv3 write certificate A
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: SSLv3 write server done A
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: SSLv3 flush data
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_io.c(1817): OpenSSL: read
> 5/5 bytes from BIO#18f278 [mem: 1a50a8] (BIO dump follows)
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_io.c(1750):
> +-------------------------------------------[Thu Oct 30 10:46:36 2008]
> [info] Connection: Client IP: 10.10.10.60, Protocol: TLSv1, Cipher:
> RC4-MD5 (128/128 bits)
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_io.c(1828): OpenSSL: I/O
> error, 5 bytes expected to read on BIO#18f278 [mem: 1a50a8]
> [Thu Oct 30 10:46:36 2008] [info] [client 10.10.10.60] (70014)End of file
> found: SSL input filter read failed.
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_kernel.c(1770): OpenSSL:
> Write: SSL negotiation finished successfully
> [Thu Oct 30 10:46:36 2008] [info] [client 10.10.10.60] Connection closed
> to child 16 with standard shutdown (server www.server.com:443)
> [Thu Oct 30 10:46:36 2008] [info] [client 10.10.10.60] Connection to child
> 14 established (server www.server.com:443)
> [Thu Oct 30 10:46:36 2008] [info] Seeding PRNG with 0 bytes of entropy
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_kernel.c(1752): OpenSSL:
> Handshake: start
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_kernel.c(1760): OpenSSL:
> Loop: before/accept initialization
> [Thu Oct 30 10:46:36 2008] [info] Initial (No.1) HTTPS request received
> for child 14 (server www.server.com:443)
> [Thu Oct 30 10:46:36 2008] [info] [client 10.10.10.60] Connection closed
> to child 14 with unclean shutdown (server www.server.com:443)
> [Thu Oct 30 10:46:36 2008] [info] [client 10.10.10.60] Connection to child
> 17 established (server
>
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_io.c(1817): OpenSSL: read
> 11/11 bytes from BIO#18f278 [mem: 19f090] (BIO dump follows)
> [Thu Oct 30 10:46:36 2008] [debug] ssl_engine_io.c(1795):
> +-------------------------------------------------------------------------+
> [Thu Oct 30 10:46:36 2008] [info] Initial (No.1) HTTPS request received
> for child 17 (server www.server.com:443)
> [Thu Oct 30 10:46:36 2008] [info] [client 10.10.10.60] Connection closed
> to child 17 with unclean shutdown (server www.server.com:443)
>
>
>
"I DISCOVERED THOSE ARE DEBUG ERRORS BECAUSE I HAVE LOGLEVEL DEBUG. THE
ERRORS ABOUT THE UNCLEAN SHUTDOWN ARE APPARENTLY FROM AN BUG IN IE WHERE IT
DOESN'T CLOSE THE CONNECTION PROPERLY. I DO NOT GET THE SAME ERROR ABOUT
UNCLEAN SHUTDOWN IN FIREFOX"
--
View this message in context:
http://www.nabble.com/handshake-connection-errors-tp20249805p20428283.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
