> -----Original Message-----
> From: Roger Miller
>
> Using OpenSSL libraries to provide basic encryption between client and
> server.
> Using non-blocking sockets, and client can connect to multiple servers.
>
> I have an intermittent issue where server reports
> 'SSL3_GET_RECORD:wrong version number' during client hello.
> I have added trace statements to the SSL code on both client and
> server.
> On the client, I am displaying the value of s->version down into
> do_ssl3_write, and it is correct (0x0301).
> On the server, error shows up here:
>
> if ((version>>8) != SSL3_VERSION_MAJOR)
> {
>
> SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
> fp=fopen("ssl_err.log","a+");
> fprintf(fp,"WRONG_VERSION:ssl_major-%04x:packet-
> %04x\n",ssl_major,version);
> fclose(fp);
> goto err;
> }
>
> (I added the logging). Both ssl_major and version are 0x0000 when the
> error happens.
> This appears to be the first packet of client hello.
>
> This only happens occasionally - I can run the test many times
> sequentially with success, and then it will fail, then work again on
> the next try.
>
> Have tested with both v1.0.0k and v1.0.1e with same results.
>
> Any advice or debugging tips would be appreciated.
>
> Thanks,
> Roger
>
Update on above: this was a client-side problem, and may be specific to Windows
- the 'wrong version number' message from the server was a red herring.
(Unfortunately, my application was sending the data in clear text after the
SSL_connect call failed.)
My initial call to 'connect' was returning 'WSAEWOULDBLOCK' (to be expected on
a non-blocking socket). Then the call to SSL_connect was *sometimes* returning
'WSAENOTCONN'. However, I found that simply retrying the SSL_connect call (in
the same manner as if I had gotten SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE)
corrected the issue.
Do anyone know if this is expected behavior for Windows sockets?
Thanks,
Roger
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
