> Another trial forcing tls1 on both sides of the connection did not
> result in the above "Length Mismatch" error. Here is the output of
> that trial's ssl dump. Any thoughts?
>
> New TCP connection #67: localhost.localdomain(42489) <->
> localhost.localdomain(5758)
> 67 1 0.0032 (0.0032) C>SV3.1(95) Handshake
> ClientHello
> Version 3.1
> random[32]=
> 45 7d 8d 96 89 31 b1 d3 cf 44 80 ae 06 eb 1d ac
> 48 d0 8e bd 96 b5 b8 da c9 cc c0 0c e5 6a ec d7
> cipher suites
> Unknown value 0x39
> Unknown value 0x38
> Unknown value 0x35
> TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> TLS_RSA_WITH_3DES_EDE_CBC_SHA
> Unknown value 0x33
> Unknown value 0x32
> Unknown value 0x2f
> TLS_DHE_DSS_WITH_RC4_128_SHA
> TLS_RSA_WITH_RC4_128_SHA
> TLS_RSA_WITH_RC4_128_MD5
> TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
> TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
> TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5
> TLS_DHE_RSA_WITH_DES_CBC_SHA
> TLS_DHE_DSS_WITH_DES_CBC_SHA
> TLS_RSA_WITH_DES_CBC_SHA
> TLS_DHE_DSS_WITH_RC2_56_CBC_SHA
> TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
> TLS_RSA_EXPORT1024_WITH_RC4_56_MD5
> TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
> TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
> TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
> TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
> TLS_RSA_EXPORT_WITH_RC4_40_MD5
> compression methods
> NULL
This one did not offer the extra "unknown" (presumably "zlib")
compression.
Ah, yes. It seems that I was using the s_client 0.9.7a in the last
trial regardless, the same "wrong version number" error was produced
when using s_client 0.9.8d. Here is the trial using 0.9.8d. Still
getting the unknown SSL content type, followed by alert.
New TCP connection #1333: localhost.localdomain(46983) <->
localhost.localdomain(5758)
1333 1 0.0024 (0.0024) C>SV3.1(84) Handshake
ClientHello
Version 3.1
random[32]=
45 7d 9b e3 b9 fb bb 4d 4b d0 1c d8 51 0b 1c 3e
50 5c 3a cc f9 8b e9 96 b9 0a 7e 6a 22 43 32 b3
cipher suites
Unknown value 0x39
Unknown value 0x38
Unknown value 0x35
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0x33
Unknown value 0x32
Unknown value 0x2f
TLS_RSA_WITH_IDEA_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5
compression methods
unknown value
NULL
1333 2 0.0073 (0.0048) S>CV3.1(74) Handshake
ServerHello
Version 3.1
random[32]=
45 7d 9b e3 24 39 a3 fd e2 24 33 9a 47 31 72 82
ad 34 e0 53 b2 a1 97 4f 45 51 a5 43 66 8e 43 81
session_id[32]=
33 7f 47 05 02 24 a8 10 20 df 51 69 0b 0f 05 3d
06 73 37 0e 77 1a 06 bc 40 65 f8 f7 06 f8 8d d6
cipherSuite Unknown value 0x35
compressionMethod unknown value
1333 3 0.0073 (0.0000) S>CV3.1(889) Handshake
Certificate
1333 4 0.0073 (0.0000) S>CV3.1(4) Handshake
ServerHelloDone
1333 5 0.0140 (0.0066) C>SV3.1(134) Handshake
ClientKeyExchange
1333 6 0.0539 (0.0399) C>SV3.1(1) ChangeCipherSpec
1333 7 0.0539 (0.0000) C>SV3.1(48) Handshake
1333 8 0.0561 (0.0022) S>CV3.1(1) ChangeCipherSpec
1333 9 0.0561 (0.0000) S>CV3.1(48) Handshake
1333 10 3.1262 (3.0700) C>SV3.1(32) application_data
Unknown SSL content type 0
1333 11 3.1289 (0.0027) C>SV44.0(32) Alert
1333 3.1294 (0.0005) C>S TCP RST
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]