Joshua Chamas wrote:
> If you go into Crypt::SSLeay lib/Net/SSL.pm and change
> the default connect value it would be nice to see how
> a normal request might finish in this regard. Why its
> sticking on the read finished A, I don't know ( might
> be sticking on the next command )
This fixed the problem -- I changed the default connect value to 3 in
sub configure:
my $ssl_version = delete $arg->{SSL_Version} || 3;
After this it connected and worked great, although it gave an SSLv3
Alert before it went on its merry way:
[tcarter@fletch tcarter]$ ./ppl_test
SSL_connect:before/connect initialization
SSL_connect:SSLv3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
SSL3 alert read:warning:close notify
So was the initial attempt at v23 causing a problem? It seems as though
the transition was made just fine from v23 to v3 by Crypt::SSLeay... Is
the server somehow left in a bad state after the v23 attempt is made by
Crypt::SSLeay (and therefore the v3 attempt, which works fine when it is
done first, fails after a v23 attempt)?
> Since your setup is pretty hard to reproduce, I would recommend
> debugging the SSL_read command in Crypt::SSLeay SSLeay.xs,
> what if you change the SSL_read to really do nothing, will
> you get past that call, and exit normally? Then the problem
> is likely in there.
I commented out all of the code under SSL_read and just returned RETVAL
= &PL_sv_undef. This did not change the problem (with the default
connect 23), it still hangs and gives me the same LWP error.
So, I can get around the problem by compiling with SSLv3 as the default
connection, I guess. Is there anything else I should try in order to
determine if this is a Crypt::SSLeay problem or a problem with the
server I am talking to?
> > PS -- a perhaps separate issue: I also have a RH7.0 box (with Perl 5.6)
> > that I have been using to test this problem -- the same issues existed
> > with Crypt::SSLeay 0.16, LWP 5.47. So I tried to install Crypt::SSLeay
> > 0.18 and it compiled and installed without a complaint, but then when I
> > try to run the script, I get a:
> > LWP::UserAgent::request: Simple response: Not Implemented
> > 501 (Not Implemented) Protocol scheme 'https' is not supported
> > I made sure to use kgcc to compile, but that didn't make a difference --
> > any suggestions?
> >
>
> This seems unrelated to me. This points to the LWP::Protocol::https
> not loading properly, maybe due to Crypt::SSLeay not working,
> the latter which you can check with the ./net_ssl_test.
>
[tcarter@russell Crypt-SSLeay-0.18]$ ./net_ssl_test
Can't load
'/usr/lib/perl5/site_perl/5.6.0/i386-linux/auto/Crypt/SSLeay/SSLeay.so'
for module Crypt::SSLeay: undefined symbol: X509_free at
/usr/lib/perl5/5.6.0/i386-linux/DynaLoader.pm line 200.
at /usr/lib/perl5/site_perl/5.6.0/i386-linux/Net/SSL.pm line 10
Compilation failed in require at
/usr/lib/perl5/site_perl/5.6.0/i386-linux/Net/SSL.pm line 10.
Compilation failed in require at ./net_ssl_test line 7.
BEGIN failed--compilation aborted at ./net_ssl_test line 7.
Yep, it fails. Strange, I am able to get versions prior to 0.18 to
install without a problem.
(Any ideas? :) )
Thanks for your help, I really appreciate it.
-Troy
--
Troy Carter
[EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
