To whom it may concern: I've tried to port SSLv3 into our product, however I am having problem getting it to work. I used the test app; s_client.c, to communicate with my server app. In the client's cipher list, it proposes "RSA+DES+SHA", and my server app cipher list contains SSL_TXT_DES_64_CBC_WITH_SHA. Judging on the output from the client and some debug output from my server, there is a match on the negotiation. However, I received a handshake failure during SSL3_READ_BYTES. Attached is the output from the client. Any help would be much appreciated! Regards, ----------------------------------------- Amy Weaver mailto:[EMAIL PROTECTED] VPNet Technologies http://www.vpnet.com Phone: (408) 404-1342 Fax: (408) 404-1313 ----------------------------------------- <<output2.txt>>
+------------------------------------------------------------------------------+ | Output with the following setup: | | | | - Client (in c:\ssl_client\ssl_client\s_client.c): | | SSL_set_cipher_list(con,"RSA+DES+SHA"); | | | | - Server (in c:\src\netterm\common\rtos\so0.c: | | in so_ssl_context_init(): | | cipher_null_allowed = SSL_TXT_DES_64_CBC_WITH_SHA ; | | cipher_null_rejected = SSL_TXT_DES_64_CBC_WITH_SHA ; | | | +------------------------------------------------------------------------------+ Output from Client: ------------------ Loading 'screen' into random state - done CONNECTED SSL_connect:before/connect initialization SSL_connect:SSLv3 write client hello A SSL_connect:SSLv3 read server hello A depth=0 /C=US/ST=CA/L=San Jose/O=VPNet Technologies, Inc./CN=VSU6048 verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 /C=US/ST=CA/L=San Jose/O=VPNet Technologies, Inc./CN=VSU6048 verify error:num=27:certificate not trusted verify return:1 depth=0 /C=US/ST=CA/L=San Jose/O=VPNet Technologies, Inc./CN=VSU6048 verify error:num=21:unable to verify the first certificate verify return:1 SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server done A SSL_connect:SSLv3 write client key exchange A SSL_connect:SSLv3 write change cipher spec A SSL_connect:SSLv3 write finished A SSL_connect:SSLv3 flush data SSL3 alert read:fatal:handshake failure SSL_connect:failed in SSLv3 read finished A 4294471037:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake fai lure:.\ssl\s3_pkt.c:956:SSL alert number 40 4294471037:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:.\ ssl\s3_pkt.c:490: Output from Server (debug print out in Console): ----------------------------------------------- client [ 0 of 2]:DES-CBC-SHA client [ 1 of 2]:EXP-DES-CBC-SHA server pref 1 ciphers server [ 0 of 1]:DES-CBC-SHA match - DES-CBC-SHA
