> I bet you would get the same behavior with s_client.
> At least that's what I've experienced - the fix is
> to use only SSLv2 or SSLv3.
> To fix it look for the following line in Net::SSLeay:
>
> #$ssl_version = 3; # 2 = insist on v2 SSL protocol, 3 = insist on v3
SSL
> # undef = guess (v23)
>
> Uncomment it and choose either v2 or v3 - that should do the trick.
> You could also try it out manually with the s_client to see if it
> dumps core without the -ssl3 (-ssl2) option.
No, unfortunately that didn't fix it.
Here's what happens when I try to connect via s_client:
SSLeay>s_client -connect tips.citicorp.de:443 -ssl2
CONNECTED(00000003)
1747:error:1407F0E1:SSL routines:SSL2_WRITE:ssl handshake
failure:s2_pkt.c:371:
SSLeay>s_client -connect tips.citicorp.de:443 -ssl3
CONNECTED(00000003)
1747:error:1409E0E1:SSL routines:SSL3_WRITE_BYTES:ssl handshake
failure:s3_pkt.c
:461:
SSLeay>s_client -connect tips.citicorp.de:443
CONNECTED(00000003)
1919:error:140790E1:SSL routines:SSL23_WRITE:ssl handshake
failure:s23_lib.c:223
:
That's what happens when I try to connect to another secure web site:
SSLeay>s_client -connect www.puretec.de:443
CONNECTED(00000003)
depth=0 /C=DE/ST=BW/L=Karlsruhe/O=Schlund + Partner
AG/OU=PureTec/CN=www.puretec
.de
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=DE/ST=BW/L=Karlsruhe/O=Schlund + Partner
AG/OU=PureTec/CN=www.puretec
.de
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certficate chain
0 s:/C=DE/ST=BW/L=Karlsruhe/O=Schlund + Partner
AG/OU=PureTec/CN=www.puretec.de
i:/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting
cc/OU=Certification S
ervices Division/CN=Thawte Server [EMAIL PROTECTED]
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICrTCCAhYCAjBoMA0GCSqGSIb3DQEBBAUAM .....
That's what it looks like when I try to connect via get_page.pl from
the examples subdirectory (SSL2 enforced):
medizinrecht: {30} % ./get_page.pl tips.citicorp.de 443
/cgi-bin/ckshdl
Opening connection to tips.citicorp.de:443 (0)
Creating SSL 2 context...
Creating SSL connection (context was '733696')...
Setting fd (ctx 733696, con 734720)...
Entering SSL negotiation phase...
SSLeay connect returned 0
Cipher `(NONE)'
Segmentation fault (core dumped)
medizinrecht: {31} %
Any help would be greatly appreciated.
--
Johannes Schritz Tel 06721-975234
Saarlandstraße 176 Fax 06721-47222
55411 Bingen Mobil 0177-8799781
[EMAIL PROTECTED] ICQ 2531515
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
