Hello,
> I have a SSL Server application .. In a test scenario 20 clients try
> connecting to the server simultaneously. In most of the test run
> atleast one connection fails. The server logs the following message
> for the failed connection:
>
> ** server.c:809 Error accepting SSL connection
> 14658:error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or
> bad record mac:s3_pkt.c:426:
>
> What is the reason for this inconsistent handshake failures?
>
> I have OpenSSL 0.9.8a .
This error can appear for a few reasons, for example:
- bad packet decryption (errors in key or cbc xor)
- bad decompression
- MAC length in packet greater than packet
- bad or NULL MAC
But in this situation I would suggest checking proper
setting of callback locking functions if your server
is multithreading. Locking is used by OpenSSL in multithreading
environment in this situation should be checked first.
(assuming that I am knowing nothing about your server).
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
