Re: OpenSSL/Java JSSE Handshake problem...

Lutz Jaenicke Tue, 09 Apr 2002 11:11:17 -0700

On Mon, Apr 08, 2002 at 06:23:12PM -0500, Kevin Regan wrote:
> 
> Hi,
> 
> The client and server are hanging at the moment (I have them both set up to
> defer the handshake until they actually start doing reads and writes).  Here
> is the output from the Java (client) side:
> 
> %% No cached client session
> *** ClientHello, v3.1
> RandomCookie:  GMT: 1001529913 bytes = { 73, 47, 149, 28, 97, 17, 208, 173,
> 40, 253, 177, 188, 173, 223, 166, 36, 123, 114, 130, 35, 168, 26, 51, 5, 70,
> 108, 161, 1 }
> Session ID:  {}
> Cipher Suites:  { 0, 5 }
> Compression Methods:  { 0 }
> ***
> [write] MD5 and SHA1 hashes:  len = 45
> 0000: 01 00 00 29 03 01 3C B2   22 39 49 2F 95 1C 61 11  ...)..<."9I/..a.
> 0010: D0 AD 28 FD B1 BC AD DF   A6 24 7B 72 82 23 A8 1A  ..(......$.r.#..
> 0020: 33 05 46 6C A1 01 00 00   02 00 05 01 00           3.Fl.........
> main, WRITE:  SSL v3.1 Handshake, length = 45
> [write] MD5 and SHA1 hashes:  len = 44
> 0000: 01 03 01 00 03 00 00 00   20 00 00 05 3C B2 22 39  ........ ...<."9
> 0010: 49 2F 95 1C 61 11 D0 AD   28 FD B1 BC AD DF A6 24  I/..a...(......$
> 0020: 7B 72 82 23 A8 1A 33 05   46 6C A1 01              .r.#..3.Fl..


Hmm. This is a TLSv1 client hello? Hmm:
lutzpc 27: openssl s_client -debug -tls1 -connect serv01:443
CONNECTED(00000003)
write to 08149C18 [081539D0] (88 bytes => 88 (0x58))
0000 - 16 03 01 00 53 01 00 00-4f 03 01 3c b3 33 22 c2   ....S...O..<.3".
0010 - 41 74 94 64 c2 a3 54 4c-41 36 d6 38 df 06 3a a0   At.d..TLA6.8..:.
0020 - 7e 2c fd 09 24 86 92 5e-d5 d2 94 00 00 28 00 16   ~,..$..^.....(..
0030 - 00 13 00 0a 00 66 00 05-00 04 00 65 00 64 00 63   .....f.....e.d.c
0040 - 00 62 00 61 00 60 00 15-00 12 00 09 00 14 00 11   .b.a.`..........
0050 - 00 08 00 06 00 03 01                              .......

Would you consider using ssldump in helping you to analyze the handshake??


> main, WRITE:  SSL v2, contentType = 22, translated length = 16343
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Hmm. This does not really indicate it is TLSv1, doesn't it???

> and here is what I get on the server (OpenSSL) when I Ctrl-C the client:
> 
> 26747:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
> number:s3_pkt.c:290:

That would fit the ^^^^ underlined statement above.

Best regards,
        Lutz
-- 
Lutz Jaenicke                             [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Re: OpenSSL/Java JSSE Handshake problem...

Reply via email to