Re: Multiple reconnection in OpenSSL 1.1.0

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 16/01/18 13:35, Huy Cong Vu wrote:
> Thanks for the advice, I got these as error:
> 1408F10B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:210
> 1408F119:SSL routines:ssl3_get_record:decryption failed or bad record mac:ssl/record/ssl3_record.c:375 
> 
> Does it means my configuration is not correct, or not synchronized between client and server?

It means the data OpenSSL is trying to read looks incorrectly formatted.
This should never normally happen with two correctly working endpoints.
The first error will normally immediately result in an alert being sent
and the function call failing - meaning that you'd never get to hit the
second error. I can't see a way of getting both those errors in a single
function call - which might suggest some earlier function call has
failed and the error message is still on the error queue when you call
SSL_read().

A couple of things to try:

- Try calling ERR_print_errors_fp() *before* the call to SSL_read() as
well, to verify there are no errors already in the queue
- A wireshark trace of the communication between the two endpoints might
be helpful to figure out what is going wrong

Matt

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux