On 29/01/2020 17:28, Tiwari, Hari Sahaya wrote:
> Yes, client is also on same version 1.0.2
> In this case SSL handshake(SSL_connect & SSL_accept) is done through systemd
> socket/service, which is failing.
> Any references around it will be very helpful.
What kind of BIO are you using for reading the data in the server?
Is it possible to get a wireshark trace of the failing handshake?
Matt
>
> Regards,
> Hari.
>
> -----Original Message-----
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
> Matt Caswell
> Sent: Tuesday, January 28, 2020 8:27 PM
> To: openssl-users@openssl.org
> Subject: Re: SSL_connect fails on systemd socket
>
>
>
> On 28/01/2020 14:03, Tiwari, Hari Sahaya wrote:
>> 140691172779952:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong
>> version number:s3_pkt.c:365:
>
> You don't say, but from the reference to s3_pkt.c above I assume you are
> using OpenSSL 1.0.2
>
> This error means that the server has received a record that has the wrong
> protocol version number in it. It has progressed far enough along the line
> that it has already processed the initial ClientHello from the client and is
> now trying to read some later record from the client.
> Because it has already processed the initial ClientHello we have already
> determined which protocol version is in use, so all records should use that
> protocol version in their headers. In the case of this error we've received
> something other than that version.
>
> This usually occurs because of some corruption of the data.
>
> Are you also using OpenSSL 1.0.2 on the client?
>
> Matt
>
>>
>> Here client is able to do normal connect, post that SSL_connect fails.
>>
>>
>>
>> This client server program works well outside of systemd.
>>
>>
>>
>> Do I need to add some extra steps to get this working?
>>
>> Any help or reference would be appreciated.
>>
>>
>>
>> Thanks & Regards,
>>
>>
>>
>>
>>
>
