Re: Unknown error being generated by openssl-0.9.8a

Tue, 09 May 2006 15:19:16 -0700


Interestingly enough, we found out why the connection is failing.  However, we are not sure why openssl doesn't detect it as an error.
After we send the first hand-shake of the SSL negotiation to the server, we get a RST (ECONNRESET) on the subsequent read for the server's response.
We're not sure why right now but we think a piece of network equipment (e.g. a firewall) is detecting an FTP session but gets confused when the encrypted data starts and kills the connection.



   "Stewart Dean" <[EMAIL PROTECTED]>
   Sent by: [EMAIL PROTECTED]

   05/09/2006 08:08 AM

   Please respond to
openssl-users@openssl.org
To
openssl-users@openssl.org
cc
Subject
Re: Unknown error being generated by openssl-0.9.8a





my pleasure.  One of the great things of the internet is creation of
virtual interest groups....we hardly see each other in the flesh, but
share a common ground daily.....

Dr. Stephen Henson wrote:
> On Mon, May 08, 2006, Adam Ringel wrote:
>
>  
>> We are using the openssl-0.9.8a library in a program called lftp to use
>> FTP over an SSL channel on a Solaris platform.  We are getting an unknown
>> error when we try to connect to a FTPS server running SecureTransport
>> 4.1.1
>>
>> The triggering function is: SSL_connect
>> The results of a call to ERR_error_string return -
>>         error:00000000:lib(0):func(0):reason(0)
>>
>> The only other information I have is that the result from ERR_GET_LIB() is
>> not equal to ERR_LIB_SSL.
>> We negotiated the folowing parameters with the FTPS server before the
>> error was obtained:
>> ---> AUTH SSL
>> <--- 234 SSLv23/TLSv1
>> ---> OPTS UTF8 ON
>>
>> Does anybody have any idea of what error:00000000 signifies?
>>    
>
> Yes it signifies that ERR_err_string() shouldn't have been called because an
> error wasn't added to the error queue...
>
> Steve.
> --
> Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
> OpenSSL project core developer and freelance consultant.
> Funding needed! Details on homepage.
> Homepage: http://www.drh-consultancy.demon.co.uk
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           [EMAIL PROTECTED]
>  

--
====
Stewart Dean, Unix System Admin, Henderson Computer Resources
Center of Bard College, Annandale-on-Hudson, New York  12504  
[EMAIL PROTECTED]  voice: 845-758-7475, fax: 845-758-7035

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to