i guess in my case , server is not able to understand the client hello message .. any thoughts ? how do i debug it more ..
On Thu, Jun 18, 2009 at 3:03 PM, Anil Tambe <tambe.a...@gmail.com> wrote: > Yes client is not able to connect and ssl23_get_client_hello is returning > -1 and so its going in > in s23_srvr.c . > > > 568 if ((type < 1) || (type > 3)) > (gdb) n > 571 > SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL); > (gdb) n > 572 goto err; > > The value of type is 0 . i.e which is set default .. > > i notice that the SSL passed to sl23_get_client_hello has value of packet > as 0. > > (gdb) print p > $10 = (unsigned char *) 0x403390b0 "[Security]\n\250" > (gdb) print *p[0] > $12 = 0 > (gdb) print *p[1] > $13 = 0 > (gdb) print *p[2] > $14 = 0 > (gdb) print *p[3] > $15 = 0 > (gdb) print *p[11] > $16 = 0 > > Any suggestion what i should be looking at .. > Any suggestion how do i reproduce this with openssl sample , i.e s_client > and s_server ? > > Thanks > Anil > > On Thu, Jun 18, 2009 at 10:45 AM, David Schwartz <dav...@webmaster.com>wrote: > >> >> Anil Tambe wrote: >> >> > Getting the Below error : >> >> > error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol >> > As of now i am not able to reproduce the issue in stand alone openssl, >> > this is coming from the parent application which is consuming openssl. >> >> What is the problem? Are clients unable to connect? Seeing this error in a >> log is perfectly normal and doesn't necessarily indicate any problem. This >> generally indicates a protocol mismatch on the two sides of a connection, >> which can occur very commonly on the Internet. >> >> For example, if someone types "http://www.example.com:4040/"; instead of >> "https://www.example.com:4040/"; one side will be speaking SSL and one >> side >> won't. Odds are the SSL-speaking side will find some SSL protocol >> violation, >> since the other side isn't speaking SSL at all. >> >> DS >> >> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager majord...@openssl.org >> > >
