Versions:
OpenSSL 0.9.1c 23-Dec-1998
SSLeay 0.9.0b 29-Jun-1998
Platforms:
BSD/OS 2.1
SunOS 4.1.4
Compiler:
gcc 2.7.2.1
Problem:
When attempting to connect using the sample client to www.amazon.com
(Netscape-Commerce/1.12) the SSLconnect fails. However, when the
sample client is specifically hardcoded to ssl2 instead of the
default ssl23, the connection succeeds. This also happens with
www.borders.com (Netscape-Enterprise 2.01)
I get a different failure for a simular reason with www.kmart.com
(Microsoft-IIS/3.0).
Strangely, icob.chase.com is also Netscape-Enterprise 2.01 but works.
I could believe that these are errors in their implementation,
but I thought you should be made aware.
--------------------------------------------------
Fails> ./ssleay s_client -connect www.kmart.com:443
10566:error:140790E3:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:224:
Works> ./ssleay s_client -ssl2 -connect www.kmart.com:443
--------------------------------------------------
--------------------------------------------------
Fails> ./ssleay s_client -connect www.amazon.com:443
12026:error:1407D071:SSL routines:SSL2_READ:bad mac decode:s2_pkt.c:233:
Works> ./ssleay s_client -ssl2 -connect www.amazon.com:443
--------------------------------------------------
--------------------------------------------------
Fails> ./ssleay s_client -connect www.borders.com:443
12053:error:1407D071:SSL routines:SSL2_READ:bad mac decode:s2_pkt.c:233:
Works> ./ssleay s_client -ssl2 -connect www.borders.com:443
--------------------------------------------------
--------------------------------------------------
Works> ./ssleay s_client -connect icob.chase.com:443
--------------------------------------------------
-Seth Robertson
[EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
