Re: bad mac decode (Was: CodeWarrior and openssl)

Wed, 20 Sep 2000 08:41:56 -0700 

on 9/20/00 17:08, Bodo Moeller at [EMAIL PROTECTED]
wrote:

> On Wed, Sep 20, 2000 at 04:48:39PM +0800, Michael Lee wrote:
> 
> [...]
>> I have encountered exactly the same "bad mac decode" error before, although
>> I am using VC++6 on Windows 98.  My HTTPS client application attempts to
>> connect to its.bocgroup.com (210.177.52.102) using SSLv23_method, but fails
>> and returns that message.  Even setting the SSL_OP_NO_TLSv1 option, which
>> solves a lot of problem when using SSLv23_method, does not help.  However,
>> it is strange that both SSLv2_method and SSLv3_method work fine with that
>> site.
> 
> I can connect using
> openssl s_client -connect its.bocgroup.com:443 -debug -no_tls1
> (both OpenSSL 0.9.5a and the current development version work),
> which is SSLv23_method with SSL_OP_NO_TLSv1.
> The negotiated cipher is 'RC4-SHA' (SSL 3.0).
> 
> Please try if connections work with s_client on your system.
> If they do, but really fail when using your own client, then try
> a test-run with the cipher string set to 'RC4-SHA'.

[about codewarrior and openssl]

If I want to test this I have to manage to build the openssl application
under codewarrior, which absolutly fails for the moment.
I'm using the codewarrior project file included in the official openssl
release as a reference, and also there, there is no support whatsoever to
build the 'openssl' app.

Anyway, I'll try the test-run as you suggested (SSL_set_cipher_list(ctx
*,"RC4-SHA) I presume ;-)). also, some tests I did today seem to show that
the error disapears when using SSLv2_server_method.

[and another question]

Maybe a bit of a stupid question, but here goes... The macintosh version of
openssl uses some specific mac sources too seed the random generator
(Randomizer.cpp and Randomizer.h), great. I do not include these mac
specific sources on NT, resulting in (fatal) complaints about the random
generator not being seeded. So I assume I have to do some seeding on NT, how
do I do this ?? (read: which magical function can I summon ;-))

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to