serverhello refused by openssl
J. Cameijo Cerdeira
cerdeira at co.sapo.pt
Wed Sep 7 19:39:36 CEST 2011
Hello,
I was able to connect to a server (it uses gnu libmicrohttpd) until I've upgraded to gnutls 3.0.2. since then openssl based clients (old versions 0.9.7g and 0.9.8c) started failing with SSL3_GET_SERVER_HELLO:bad packet length.
libmicrohttpd uses a "NORMAL" priority string. tried changing that to NORMAL:%COMPAT to no avail.
It's probably a bug in openssl but I'd like someone could enlighten me.
following is a dump of the negotiation (output of
openssl s_client -ssl3 -state -debug -msg -connect):
CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 08192008 [0819BDC0] (102 bytes => 102 (0x66))
0000 - 16 03 00 00 61 01 00 00-5d 03 00 4e 67 a9 93 a5 ....a...]..Ng...
0010 - cb 74 7e 7b 11 55 60 f7-65 d4 c9 4f bf 0e 70 2c .t~{.U`.e..O..p,
0020 - 43 3d 9b d1 f7 bc a4 33-a5 6f d2 00 00 36 00 39 C=.....3.o...6.9
0030 - 00 38 00 35 00 16 00 13-00 0a 00 33 00 32 00 2f .8.5.......3.2./
0040 - 00 07 00 66 00 05 00 04-00 63 00 62 00 61 00 15 ...f.....c.b.a..
0050 - 00 12 00 09 00 65 00 64-00 60 00 14 00 11 00 08 .....e.d.`......
0060 - 00 06 00 03 01 .....
0066 - <SPACES/NULS>
>>> SSL 3.0 Handshake [length 0061], ClientHello
01 00 00 5d 03 00 4e 67 a9 93 a5 cb 74 7e 7b 11
55 60 f7 65 d4 c9 4f bf 0e 70 2c 43 3d 9b d1 f7
bc a4 33 a5 6f d2 00 00 36 00 39 00 38 00 35 00
16 00 13 00 0a 00 33 00 32 00 2f 00 07 00 66 00
05 00 04 00 63 00 62 00 61 00 15 00 12 00 09 00
65 00 64 00 60 00 14 00 11 00 08 00 06 00 03 01
00
SSL_connect:SSLv3 write client hello A
read from 08192008 [081975B0] (5 bytes => 5 (0x5))
0000 - 16 03 00 00 4c ....L
read from 08192008 [081975B5] (76 bytes => 76 (0x4C))
0000 - 02 00 00 48 03 00 4e 67-a9 93 85 85 c0 0e d1 86 ...H..Ng........
0010 - b2 00 6b f1 10 1b 28 d9-68 8c 17 6a 3b 69 97 f5 ..k...(.h..j;i..
0020 - 91 72 78 48 f2 56 20 6e-13 d4 11 53 8f 89 35 a7 .rxH.V n...S..5.
0030 - 48 43 14 b3 75 ff 06 18-33 8c bd 78 9d 47 62 6a HC..u...3..x.Gbj
0040 - c6 13 a3 29 2a a3 bb 00-35 ...)*...5
004c - <SPACES/NULS>
<<< SSL 3.0 Handshake [length 004c], ServerHello
02 00 00 48 03 00 4e 67 a9 93 85 85 c0 0e d1 86
b2 00 6b f1 10 1b 28 d9 68 8c 17 6a 3b 69 97 f5
91 72 78 48 f2 56 20 6e 13 d4 11 53 8f 89 35 a7
48 43 14 b3 75 ff 06 18 33 8c bd 78 9d 47 62 6a
c6 13 a3 29 2a a3 bb 00 35 00 00 00
SSL_connect:error in SSLv3 read server hello B
2249:error:14092073:SSL routines:SSL3_GET_SERVER_HELLO:bad packet length:s3_clnt.c:743:
TIA
José Cameijo Cerdeira
--
Top 10 reasons to procrastinate:
1)
More information about the Gnutls-devel
mailing list