----- Original Message -----
I found this message in the archive.
This is the same behaviour I am experiencing.
When connecting to www.kohlpcaking.com on port 443 using sslv23 method we
get a bad MAC decode... however when connectin using ssl3 only - we get a good
connection.
----- Original Message -----
From: Seth Robertson <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, July 14, 1999 6:04 PM
Subject: Cannot SSL23 negotiate with several https sites > Versions: > OpenSSL 0.9.1c 23-Dec-1998 > SSLeay 0.9.0b 29-Jun-1998 > > Platforms: > BSD/OS 2.1 > SunOS 4.1.4 > > Compiler: > gcc 2.7.2.1 > > Problem: > When attempting to connect using the sample client to www.amazon.com > (Netscape-Commerce/1.12) the SSLconnect fails. However, when the > sample client is specifically hardcoded to ssl2 instead of the > default ssl23, the connection succeeds. This also happens with > www.borders.com (Netscape-Enterprise 2.01) > > I get a different failure for a simular reason with www.kmart.com > (Microsoft-IIS/3.0). > > Strangely, icob.chase.com is also Netscape-Enterprise 2.01 but works. > > I could believe that these are errors in their implementation, > but I thought you should be made aware. > > -------------------------------------------------- > Fails> ./ssleay s_client -connect www.kmart.com:443 > 10566:error:140790E3:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:224: > Works> ./ssleay s_client -ssl2 -connect www.kmart.com:443 > -------------------------------------------------- > > -------------------------------------------------- > Fails> ./ssleay s_client -connect www.amazon.com:443 > 12026:error:1407D071:SSL routines:SSL2_READ:bad mac decode:s2_pkt.c:233: > Works> ./ssleay s_client -ssl2 -connect www.amazon.com:443 > -------------------------------------------------- > > -------------------------------------------------- > Fails> ./ssleay s_client -connect www.borders.com:443 > 12053:error:1407D071:SSL routines:SSL2_READ:bad mac decode:s2_pkt.c:233: > Works> ./ssleay s_client -ssl2 -connect www.borders.com:443 > -------------------------------------------------- > > -------------------------------------------------- > Works> ./ssleay s_client -connect icob.chase.com:443 > -------------------------------------------------- > > -Seth Robertson > [EMAIL PROTECTED] > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > >
|
- bad mac decode? Erik Aronesty
- Re: bad mac decode? Dennis Glatting
- Erik Aronesty