Yes client is not able to connect and ssl23_get_client_hello is returning -1 and so its going in in s23_srvr.c .
568 if ((type < 1) || (type > 3)) (gdb) n 571 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL); (gdb) n 572 goto err; The value of type is 0 . i.e which is set default .. i notice that the SSL passed to sl23_get_client_hello has value of packet as 0. (gdb) print p $10 = (unsigned char *) 0x403390b0 "[Security]\n\250" (gdb) print *p[0] $12 = 0 (gdb) print *p[1] $13 = 0 (gdb) print *p[2] $14 = 0 (gdb) print *p[3] $15 = 0 (gdb) print *p[11] $16 = 0 Any suggestion what i should be looking at .. Any suggestion how do i reproduce this with openssl sample , i.e s_client and s_server ? Thanks Anil On Thu, Jun 18, 2009 at 10:45 AM, David Schwartz <dav...@webmaster.com>wrote: > > Anil Tambe wrote: > > > Getting the Below error : > > > error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol > > As of now i am not able to reproduce the issue in stand alone openssl, > > this is coming from the parent application which is consuming openssl. > > What is the problem? Are clients unable to connect? Seeing this error in a > log is perfectly normal and doesn't necessarily indicate any problem. This > generally indicates a protocol mismatch on the two sides of a connection, > which can occur very commonly on the Internet. > > For example, if someone types "http://www.example.com:4040/"; instead of > "https://www.example.com:4040/"; one side will be speaking SSL and one side > won't. Odds are the SSL-speaking side will find some SSL protocol > violation, > since the other side isn't speaking SSL at all. > > DS > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
