On Wed, Dec 18, 2013, Ron Barber via RT wrote:
> Thanks Steve. After applying the patch and letting it run in production
> for approx. 5 hours I did not see any crashes. The only suspicious (i.e.
> Change in behavior from previous) looking error message was two of these:
> [Dec 18 15:27:51.789] Server {0x2ab820908700} ERROR:
> SSL::27:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
> number:s3_pkt.c:337:
> [Dec 18 17:15:41.125] Server {0x2ab820605700} ERROR:
> SSL::24:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
> number:s3_pkt.c:337:
>
Many thanks for that info. I think I've traced the cause of the thing now with
that clue. It might have security implications (DoS only though) so I'll keep
any further details off the public mailing lists.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
