Marek/Chong,
Thanks for your reply. As Marek poited out the issue was in the way mutithreading was achieved in server. The locking of SSL context objects 'ctx' was not done properly. The issue is solved now. Chong , I tried using sslv23_server_method but it didn't help . ----- Original Message ----- From: "Marek Marcola" <[EMAIL PROTECTED]> To: <openssl-users@openssl.org> Sent: Wednesday, November 01, 2006 4:33 AM Subject: Re: Error accepting connections > Hello, > > I have a SSL Server application .. In a test scenario 20 clients try > > connecting to the server simultaneously. In most of the test run > > atleast one connection fails. The server logs the following message > > for the failed connection: > > > > ** server.c:809 Error accepting SSL connection > > 14658:error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or > > bad record mac:s3_pkt.c:426: > > > > What is the reason for this inconsistent handshake failures? > > > > I have OpenSSL 0.9.8a . > This error can appear for a few reasons, for example: > - bad packet decryption (errors in key or cbc xor) > - bad decompression > - MAC length in packet greater than packet > - bad or NULL MAC > But in this situation I would suggest checking proper > setting of callback locking functions if your server > is multithreading. Locking is used by OpenSSL in multithreading > environment in this situation should be checked first. > (assuming that I am knowing nothing about your server). > > Best regards, > -- > Marek Marcola <[EMAIL PROTECTED]> > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
