On Tue, Mar 4, 2014 at 12:34 PM, Jeffrey Walton <noloa...@gmail.com> wrote: > On Tue, Mar 4, 2014 at 11:41 AM, Jeffrey Walton <noloa...@gmail.com> wrote: >> On Tue, Mar 4, 2014 at 11:19 AM, Dr. Stephen Henson <st...@openssl.org> >> wrote: >>> ... >> >> I'm setting up Wireshark now on another machine to get the trace. > The Wireshark trace is useless (to me) because its only displaying TCP > traffic (and not breaking out the SSL/TLS protocol). I can't break the > bits out in my head. > > Here's -debug from a separate s_client on a different physical machine. > > $ /usr/local/ssl/bin/openssl s_client -tls1_2 -connect > debian-q500:8443 -cipher ECDHE-ECDSA-AES128-GCM-SHA256 -debug
Here's the dump from s_server. $ /usr/local/ssl/bin/openssl s_server -accept 8443 -cert server-ecdsa-cert.pem -key server-ecdsa-key-plain.pem -debug Using default temp DH parameters Using default temp ECDH parameters ACCEPT read from 0x13f0550 [0x13f5c40] (11 bytes => 11 (0xB)) 0000 - 16 03 01 01 2e 01 00 01-2a 03 03 ........*.. read from 0x13f0550 [0x13f5c4e] (296 bytes => 296 (0x128)) 0000 - 07 de ce 27 aa ae 3e bf-e2 31 73 46 0d 4a 50 cc ...'..>..1sF.JP. 0010 - f2 09 0f 3e a0 1d 59 d8-e7 63 93 ea 39 37 f4 92 ...>..Y..c..97.. 0020 - 00 00 94 c0 30 c0 2c c0-28 c0 24 c0 14 c0 0a 00 ....0.,.(.$..... 0030 - a3 00 9f 00 6b 00 6a 00-39 00 38 00 88 00 87 c0 ....k.j.9.8..... 0040 - 32 c0 2e c0 2a c0 26 c0-0f c0 05 00 9d 00 3d 00 2...*.&.......=. 0050 - 35 00 84 c0 12 c0 08 00-16 00 13 c0 0d c0 03 00 5............... 0060 - 0a c0 2f c0 2b c0 27 c0-23 c0 13 c0 09 00 a2 00 ../.+.'.#....... 0070 - 9e 00 67 00 40 00 33 00-32 00 9a 00 99 00 45 00 ..g.@.3.2.....E. 0080 - 44 c0 31 c0 2d c0 29 c0-25 c0 0e c0 04 00 9c 00 D.1.-.).%....... 0090 - 3c 00 2f 00 96 00 41 00-07 c0 11 c0 07 c0 0c c0 <./...A......... 00a0 - 02 00 05 00 04 00 15 00-12 00 09 00 14 00 11 00 ................ 00b0 - 08 00 06 00 03 00 ff 01-00 00 6d 00 0b 00 04 03 ..........m..... 00c0 - 00 01 02 00 0a 00 34 00-32 00 0e 00 0d 00 19 00 ......4.2....... 00d0 - 0b 00 0c 00 18 00 09 00-0a 00 16 00 17 00 08 00 ................ 00e0 - 06 00 07 00 14 00 15 00-04 00 05 00 12 00 13 00 ................ 00f0 - 01 00 02 00 03 00 0f 00-10 00 11 00 23 00 00 00 ............#... 0100 - 0d 00 20 00 1e 06 01 06-02 06 03 05 01 05 02 05 .. ............. 0110 - 03 04 01 04 02 04 03 03-01 03 02 03 03 02 01 02 ................ 0120 - 02 02 03 00 0f 00 01 01- ........ write to 0x13f0550 [0x13ff730] (7 bytes => 7 (0x7)) 0000 - 15 03 03 00 02 02 28 ......( ERROR 140339533272744:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1353: shutting down SSL CONNECTION CLOSED ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
