Hello, > I have a SSL Server application .. In a test scenario 20 clients try > connecting to the server simultaneously. In most of the test run > atleast one connection fails. The server logs the following message > for the failed connection: > > ** server.c:809 Error accepting SSL connection > 14658:error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or > bad record mac:s3_pkt.c:426: > > What is the reason for this inconsistent handshake failures? > > I have OpenSSL 0.9.8a . This error can appear for a few reasons, for example: - bad packet decryption (errors in key or cbc xor) - bad decompression - MAC length in packet greater than packet - bad or NULL MAC But in this situation I would suggest checking proper setting of callback locking functions if your server is multithreading. Locking is used by OpenSSL in multithreading environment in this situation should be checked first. (assuming that I am knowing nothing about your server).
Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]