Troy Carter wrote:
>
> (1) Used the cli.cpp client example in the openssl source tree -- this
> would not connect at first, it displayed the same behavior as my perl
> script (just hung there after the initial SSL_write -- it got the server
> certificate and sucessfully got through the SSL_write, but then seemed
> to hang on the SSL_read). But, I changed the line
>
> meth = SSLv2_client_method(); to meth = SSLv3_client_method();
>
> And then it connected just fine and I was able to GET / with no
> problems.
>
> (2) I grabbed the latest Crypt-SSLeay and set DEFINE_SSL_STATE to 1 (and
> used LWP::debug qw(+);), and reran the program, and here is the
> debugging output:
>
> [tcarter@fletch tcarter]$ ./ppl_test
> LWP::UserAgent::new: ()
> LWP::UserAgent::request: ()
> LWP::UserAgent::simple_request: GET https://<our firewall server here>/
> LWP::UserAgent::_need_proxy: Not proxied
> LWP::Protocol::http::request: ()
> SSL_connect:before/connect initialization
> SSL_connect:SSLv2/v3 write client hello A
Crypt::SSLeay generall tries a v23, v3, and then v2 connections
in that order to connect to a server, as I have found servers
to respond to the different types.
> SSL_connect:SSLv3 write client key exchange A
> SSL_connect:SSLv3 write change cipher spec A
> SSL_connect:SSLv3 write finished A
> SSL_connect:SSLv3 flush data
> SSL_connect:SSLv3 read finished A
> Can't call method "request" on an undefined value at
> /usr/lib/perl5/site_perl/5.005/LWP/UserAgent.pm line 227.
If you go into Crypt::SSLeay lib/Net/SSL.pm and change
the default connect value it would be nice to see how
a normal request might finish in this regard. Why its
sticking on the read finished A, I don't know ( might
be sticking on the next command )
Since your setup is pretty hard to reproduce, I would recommend
debugging the SSL_read command in Crypt::SSLeay SSLeay.xs,
what if you change the SSL_read to really do nothing, will
you get past that call, and exit normally? Then the problem
is likely in there.
>
> PS -- a perhaps separate issue: I also have a RH7.0 box (with Perl 5.6)
> that I have been using to test this problem -- the same issues existed
> with Crypt::SSLeay 0.16, LWP 5.47. So I tried to install Crypt::SSLeay
> 0.18 and it compiled and installed without a complaint, but then when I
> try to run the script, I get a:
> LWP::UserAgent::request: Simple response: Not Implemented
> 501 (Not Implemented) Protocol scheme 'https' is not supported
> I made sure to use kgcc to compile, but that didn't make a difference --
> any suggestions?
>
This seems unrelated to me. This points to the LWP::Protocol::https
not loading properly, maybe due to Crypt::SSLeay not working,
the latter which you can check with the ./net_ssl_test.
* whew * good luck.
-- Josh
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
