EAP/TLS change cipher spec probleme

Wed, 07 Jul 2004 07:23:01 -0700 

hello,

I'am developping a client/server application, which need to do EAP/TLS. To do this, I use OpenSSL library (0.9.6c).
All EAP/TLS messages exchanged are OK until the Server 's Change_cipher_spec message. I really don't know what could be the problem.

In fact the client send his Change cipher spec message to the server, and don't expect to receive this message after. And when the server send to the client his answer, the client does not recognize it and says : ALERT Protocol version.
I checked the buffer of the last server message and all his allright.

Is anyone know what could it be ?

thanks

I show you the log :
Server log :

Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: eap_tls: conf N ctx stored
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: rlm_eap_tls: Length Included
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: undefined: before/accept initialization
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept: before/accept initialization
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: rlm_eap_tls: <<< TLS 1.0 Handshake [length 005f], ClientHello Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept: SSLv3 read client hello A
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept: SSLv3 write server hello A
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: rlm_eap_tls: >>> TLS 1.0 Handshake [length 030c], Certificate Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept: SSLv3 write certificate A
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: rlm_eap_tls: >>> TLS 1.0 Handshake [length 0066], CertificateRequest Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept: SSLv3 write certificate request A
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept: SSLv3 flush data
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept:error in SSLv3 read client certificate A

Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: rlm_eap_tls: Length Included
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: rlm_eap_tls: <<< TLS 1.0 Handshake [length 030a], Certificate Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept: SSLv3 read client certificate A
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept: SSLv3 read client key exchange A
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], CertificateVerify Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept: SSLv3 read certificate verify A
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001] Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept: SSLv3 read finished A
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001] Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept: SSLv3 write change cipher spec A
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept: SSLv3 write finished A
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: TLS_accept: SSLv3 flush data
Jul 7 16:19:27 aaa-1 PANA-EAP :[36120]: undefined: SSL negotiation finished successful

the client log :


Jul 7 15:07:53 panac: Loading certificate /home/fm/pac/cert/CAroot.pem . . . Jul 7 15:07:53 panac: (TLS)Loaded root certificate /home/fm/pac/cert/CAroot.pem and dirctory /home/fm/pac/cert/
Jul 7 15:07:53 panac: --- SSL : before/connect initialization
Jul 7 15:07:53 panac: --- SSL : before/connect initialization
Jul 7 15:07:53 panac: --- SSL : SSLv3 write client hello A
Jul 7 15:07:53 panac: --- SSL : SSLv3 read server hello A


Jul 7 15:07:53 panac: --- SSL : SSLv3 read server hello A
Jul 7 15:07:53 panac: --- SSL : SSLv3 read server certificate A
Jul 7 15:07:53 panac: --- SSL : SSLv3 read server certificate request A
Jul 7 15:07:53 panac: --- SSL : SSLv3 read server done A
Jul 7 15:07:53 panac: --- SSL : SSLv3 write client certificate A
Jul 7 15:07:53 panac: --- SSL : SSLv3 write client key exchange A
Jul 7 15:07:53 panac: --- SSL : SSLv3 write certificate verify A
Jul 7 15:07:53 panac: --- SSL : SSLv3 write change cipher spec A
Jul 7 15:07:53 panac: --- SSL : SSLv3 write finished A
Jul 7 15:07:53 panac: --- SSL : SSLv3 flush data
Jul 7 15:07:53 panac: --- SSL : SSLv3 read finished A

Jul  7 15:07:53  panac:      --- SSL : SSLv3 read finished A
Jul  7 15:07:53  panac:      --- ALERT : protocol version
Jul  7 15:07:53  panac:      --- SSL : SSLv3 read finished A

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to