(I do not see my original post in the archives, and no one replied to my 
re-post, so I am re-posting again...)

I have a custom-written SSL server that TLSv1 clients are not able to connect 
to.  The TLSv1 handshake is failing with an SSL_R_NO_SHARED_CIPHER error.  I 
have a TLSv1 client using SSLv2 headers, and it is sending ciphers using 3-byte 
ID numbers (I have a capture if needed - Wireshark displays the hello data 
fine), and SSL_get_ciphers() returns a valid list of server-side ciphers, but 
ssl3_choose_cipher() inside of ssl3_get_client_hello() is failing to find a 
match.  ssl_bytes_to_cipher_list() is returning an empty client cipher list, 
because it is expecting cipher IDs to be 2 bytes in size instead of 3 bytes.  
Is this a bug, or is the SSLv2 logic supposed to be pre-massaging the data into 
something the SSLv3/TLSv1 logic can consume and I am just not reading the code 
correctly?  If it is a bug, the code I looked at goes back several versions, at 
least.



Ryan Pfeifle
Sr. Programmer
Voice Print International, Inc.


Tel: 1.805.389.5200 x5297
Fax: N/A
Email: r...@vpi-corp.com
Web: www.VPI-corp.com

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
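
The cipher list layout the post asks about, as an added example (not part of the original message and not OpenSSL's code): in an SSLv2-format ClientHello as described in RFC 5246 Appendix E.2, each cipher spec is 3 bytes, and a TLS suite is carried as a zero byte followed by its 2-byte ID, so a server has to reduce the list before matching. The function name v2hello_to_tls_suites and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: SSLv2-format ClientHello offering TLS 1.0 (not a real capture). */
static const uint8_t sample_hello[] = {
    0x80, 0x25,                         /* 2-byte record header, length 37 */
    0x01, 0x03, 0x01,                   /* CLIENT-HELLO, version 3.1 */
    0x00, 0x0c, 0x00, 0x00, 0x00, 0x10, /* cipher 12, session id 0, challenge 16 */
    0x00, 0x00, 0x2f, 0x00, 0x00, 0x0a, /* TLS suites 0x002f, 0x000a */
    0x01, 0x00, 0x80, 0x00, 0x00, 0x05, /* SSLv2-only kind, TLS suite 0x0005 */
    1, 2, 3, 4, 5, 6, 7, 8,             /* challenge bytes */
    9, 10, 11, 12, 13, 14, 15, 16
};

/* Copy the TLS-usable suites of an SSLv2-format ClientHello into out[] as
 * 2-byte IDs.  Returns the number written, or -1 if the message is malformed. */
int v2hello_to_tls_suites(const uint8_t *p, size_t len,
                          uint16_t *out, size_t out_max)
{
    if (len < 11 || !(p[0] & 0x80))          /* fixed fields, 2-byte header form */
        return -1;
    size_t rec_len = ((size_t)(p[0] & 0x7f) << 8) | p[1];
    if (rec_len + 2 != len || p[2] != 0x01)  /* one whole record, CLIENT-HELLO */
        return -1;
    size_t cs_len  = ((size_t)p[5] << 8) | p[6];
    size_t sid_len = ((size_t)p[7] << 8) | p[8];
    size_t ch_len  = ((size_t)p[9] << 8) | p[10];
    if (cs_len == 0 || cs_len % 3 != 0 || 9 + cs_len + sid_len + ch_len != rec_len)
        return -1;
    size_t n = 0;
    for (size_t i = 0; i < cs_len; i += 3) { /* 3 bytes per spec, not 2 */
        const uint8_t *cs = p + 11 + i;
        if (cs[0] != 0x00)                   /* SSLv2-only cipher kind: skip */
            continue;
        if (n == out_max)
            return -1;
        out[n++] = (uint16_t)((cs[1] << 8) | cs[2]);
    }
    return (int)n;
}

int main(void) {
    uint16_t s[8];
    int n = v2hello_to_tls_suites(sample_hello, sizeof sample_hello, s, 8);
    for (int i = 0; i < n; i++) printf("0x%04x\n", (unsigned)s[i]);
    return n < 0;
}
```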
