Re: Crypt::SSLeay: Code works on Linux but not Solaris.. HELP!

[Joshua Chamas]

Del Simmons wrote:
> 
> Ok, got past that one.. OpenSSL was looking for the certs.pem file where
> it didn't exist.. copied that over to the proper location and this
> problem was fixed.. Now I have hit an even uglier snag..
 ...
> SSL_connect:SSLv3 write change cipher spec A
> SSL_connect:SSLv3 write finished A
> SSL_connect:SSLv3 flush data
> SSL_connect:SSLv3 read finished A
> 500 (Internal Server Error) read failed:
> Net::SSL::die_with_error('Net::SSL=GLOB(0x356870)', 'read failed')
> called at /usr/local/lib/perl5/site_perl/5.6.0/sun4-solaris/Net/SSL.pm line
> 211

If its working on Linux, but not Solaris, I would make sure
that your versions of openssl & Crypt::SSLeay are exactly
the same.  If they are, I don't know why they would behave
differently.  Check that your perl versions are the same too.

The former problem tends to be more relevant in case you 
linked to an older version of OpenSSL before on one box,
and though you might have installed the latest OpenSSL,
Crypt::SSLeay is still using the old one.

--Josh
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Crypt::SSLeay: Code works on Linux but not Solaris.. HELP!

[Del Simmons]

Ok, got past that one.. OpenSSL was looking for the certs.pem file where 
it didn't exist.. copied that over to the proper location and this 
problem was fixed.. Now I have hit an even uglier snag..

I am using the same script and now when I run it on the Solaris box all 
of the SSL handshake completes properly, including the client 
certitficate parts but the socket seems to be closed by my side before 
any response can be sent back from the server. Has anyone else seen this?

Here is the output I get now when running the below script on the 
Solaris 8 box..

SSL_connect:before/connect initialization
SSL_connect:SSLv3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
SSL_connect:SSL renegotiate ciphers
SSL_connect:SSLv3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server certificate request A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client certificate A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write certificate verify A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
500 (Internal Server Error) read failed:
Net::SSL::die_with_error('Net::SSL=GLOB(0x356870)', 'read failed')
called at /usr/local/lib/perl5/site_perl/5.6.0/sun4-solaris/Net/SSL.pm line
211
Net::SSL::read('Net::SSL=GLOB(0x356870)', '', 4096, 0) called at
/usr/local/lib/perl5/site_perl/5.6.0/LWP/Protocol/http.pm line 193
LWP::Protocol::http::request('LWP::Protocol::https=HASH(0xf713c)',
'HTTP::Request=HASH(0xf5cb0)', undef, undef, undef, 180) called at
/usr/local/lib/perl5/site_perl/5.6.0/LWP/UserAgent.pm line 212
require 0 called at
/usr/local/lib/perl5/site_perl/5.6.0/LWP/UserAgent.pm line 211
LWP::UserAgent::simple_request('LWP::UserAgent=HASH(0x2227bc)',
'HTTP::Request=HASH(0xf5cb0)', undef, undef) called at
/usr/local/lib/perl5/site_perl/5.6.0/LWP/UserAgent.pm line 249
LWP::UserAgent::request('LWP::UserAgent=HASH(0x2227bc)',
'HTTP::Request=HASH(0xf5cb0)') called at ./dammit line 32

Client-Date: Thu, 04 Oct 2001 15:27:56 GM



-Del

Del Simmons wrote:

> Hey everyone..
>
> I am using the following:
>
> machine 1: Linux 2.4.8 (RedHat 7.1 with new kernel)
> machine 2: Solaris 8
>
> packages on both machines:
> openssl version 0.9.6
> perl 5.6.0
> Crypt::SSLeay 0.31
> LWP  5.53
>
> And I have the following code in a script:
> --
> #!/usr/bin/perl
> use strict;
>
> $ENV{HTTPS_CERT_FILE} = 'certs/clcert.pem';
> $ENV{HTTPS_KEY_FILE}  = 'certs/key.pem';
>
> $ENV{HTTPS_CA_FILE} = 'certs/cacerts.pem';
> $ENV{HTTPS_CA_DIR} = '/usr/share/ssl/';
>
> $ENV{HTTPS_VERSION} = '3';
> $ENV{_SSL_DEBUG} = '1';
> $ENV{SSL_DEBUG} = '1';
> $ENV{HTTPS_DEBUG} = '1';
>
>
> use HTTP::Request::Common qw(POST);
> use LWP::UserAgent;
>
> my $ua = LWP::UserAgent->new;
> my $req = POST 'https://secure.server.name.net',
> [param => 'value'];
>
> my $res = $ua->request($req);
> 
>
> When I run this on machine 1 I get the following:
>
> 
> [del@Rhino rioport]$ ./cert_test
> SSL_connect:before/connect initialization
> SSL_connect:SSLv3 write client hello A
> SSL_connect:SSLv3 read server hello A
> SSL_connect:SSLv3 read server certificate A
> SSL_connect:SSLv3 read server key exchange A
> SSL_connect:SSLv3 read server done A
> SSL_connect:SSLv3 write client key exchange A
> SSL_connect:SSLv3 write change cipher spec A
> SSL_connect:SSLv3 write finished A
> SSL_connect:SSLv3 flush data
> SSL_connect:SSLv3 read finished A
> SSL_connect:SSL renegotiate ciphers
> SSL_connect:SSLv3 write client hello A
> SSL_connect:SSLv3 read server hello A
> SSL_connect:SSLv3 read server certificate A
> SSL_connect:SSLv3 read server key exchange A
> SSL_connect:SSLv3 read server certificate request A
> SSL_connect:SSLv3 read server done A
> SSL_connect:SSLv3 write client certificate A
> SSL_connect:SSLv3 write client key exchange A
> SSL_connect:SSLv3 write certificate verify A
> SSL_connect:SSLv3 write change cipher spec A
> SSL_connect:SSLv3 write finished A
> SSL_connect:SSLv3 flush data
> SSL_connect:SSLv3 read finished A
> SSL3 alert read:warning:close notify
> [del@Rhino rioport]$
>
> 
>--
> 
>
>
> So everything looks good under linux..  When I run it on the Solaris 
> machine I get 

Crypt::SSLeay: Code works on Linux but not Solaris.. HELP!

[Del Simmons]

Hey everyone..

I am using the following:

machine 1: Linux 2.4.8 (RedHat 7.1 with new kernel)
machine 2: Solaris 8

packages on both machines:
openssl version 0.9.6
perl 5.6.0
Crypt::SSLeay 0.31
LWP  5.53

And I have the following code in a script:
--
#!/usr/bin/perl
use strict;

$ENV{HTTPS_CERT_FILE} = 'certs/clcert.pem';
$ENV{HTTPS_KEY_FILE}  = 'certs/key.pem';

$ENV{HTTPS_CA_FILE} = 'certs/cacerts.pem';
$ENV{HTTPS_CA_DIR} = '/usr/share/ssl/';

$ENV{HTTPS_VERSION} = '3';
$ENV{_SSL_DEBUG} = '1';
$ENV{SSL_DEBUG} = '1';
$ENV{HTTPS_DEBUG} = '1';


use HTTP::Request::Common qw(POST);
use LWP::UserAgent;

my $ua = LWP::UserAgent->new;
my $req = POST 'https://secure.server.name.net',
 [param => 'value'];

my $res = $ua->request($req);


When I run this on machine 1 I get the following:


[del@Rhino rioport]$ ./cert_test
SSL_connect:before/connect initialization
SSL_connect:SSLv3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
SSL_connect:SSL renegotiate ciphers
SSL_connect:SSLv3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server certificate request A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client certificate A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write certificate verify A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
SSL3 alert read:warning:close notify
[del@Rhino rioport]$

--

So everything looks good under linux..  When I run it on the Solaris 
machine I get this:

--
SSL_connect:before/connect initialization
SSL_connect:SSLv3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL3 alert write:fatal:bad certificate
SSL_connect:error in SSLv3 read server certificate B
SSL_connect:before/connect initialization
SSL_connect:SSLv2 write client hello A
SSL_connect:error in SSLv2 read server hello B
500 (Internal Server Error) SSL negotiation failed: error:1407E086:SSL 
routines:SSL2_SET_CERTIFICATE:certificate verify failed ; at 
/usr/local/lib/perl5/site_perl/5.6.0/sun4-solaris/Net/SSL.pm line 139. 
Client-Date: Wed, 03 Oct 2001 15:38:46 GMT
---

What would cause it to fail with "SSL3 alert write:fatal:bad 
certificate" on Solaris? Any ideas?

-Del

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]