On Mon, Apr 08, 2002 at 06:23:12PM -0500, Kevin Regan wrote: > > Hi, > > The client and server are hanging at the moment (I have them both set up to > defer the handshake until they actually start doing reads and writes). Here > is the output from the Java (client) side: > > %% No cached client session > *** ClientHello, v3.1 > RandomCookie: GMT: 1001529913 bytes = { 73, 47, 149, 28, 97, 17, 208, 173, > 40, 253, 177, 188, 173, 223, 166, 36, 123, 114, 130, 35, 168, 26, 51, 5, 70, > 108, 161, 1 } > Session ID: {} > Cipher Suites: { 0, 5 } > Compression Methods: { 0 } > *** > [write] MD5 and SHA1 hashes: len = 45 > 0000: 01 00 00 29 03 01 3C B2 22 39 49 2F 95 1C 61 11 ...)..<."9I/..a. > 0010: D0 AD 28 FD B1 BC AD DF A6 24 7B 72 82 23 A8 1A ..(......$.r.#.. > 0020: 33 05 46 6C A1 01 00 00 02 00 05 01 00 3.Fl......... > main, WRITE: SSL v3.1 Handshake, length = 45 > [write] MD5 and SHA1 hashes: len = 44 > 0000: 01 03 01 00 03 00 00 00 20 00 00 05 3C B2 22 39 ........ ...<."9 > 0010: 49 2F 95 1C 61 11 D0 AD 28 FD B1 BC AD DF A6 24 I/..a...(......$ > 0020: 7B 72 82 23 A8 1A 33 05 46 6C A1 01 .r.#..3.Fl..
Hmm. This is a TLSv1 client hello? Hmm: lutzpc 27: openssl s_client -debug -tls1 -connect serv01:443 CONNECTED(00000003) write to 08149C18 [081539D0] (88 bytes => 88 (0x58)) 0000 - 16 03 01 00 53 01 00 00-4f 03 01 3c b3 33 22 c2 ....S...O..<.3". 0010 - 41 74 94 64 c2 a3 54 4c-41 36 d6 38 df 06 3a a0 At.d..TLA6.8..:. 0020 - 7e 2c fd 09 24 86 92 5e-d5 d2 94 00 00 28 00 16 ~,..$..^.....(.. 0030 - 00 13 00 0a 00 66 00 05-00 04 00 65 00 64 00 63 .....f.....e.d.c 0040 - 00 62 00 61 00 60 00 15-00 12 00 09 00 14 00 11 .b.a.`.......... 0050 - 00 08 00 06 00 03 01 ....... Would you consider using ssldump in helping you to analyze the handshake?? > main, WRITE: SSL v2, contentType = 22, translated length = 16343 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Hmm. This does not really indicate it is TLSv1, doesn't it??? > and here is what I get on the server (OpenSSL) when I Ctrl-C the client: > > 26747:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version > number:s3_pkt.c:290: That would fit the ^^^^ underlined statement above. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]