On 12/11/06, Marek Marcola <[EMAIL PROTECTED]> wrote:
This TLS1 looks good, but sorry I've forget xX options,
so output from "ssldump -aAdNxX" should give more information
(SSL packet dump) with ending error.
Hrm... ssldump fails during the handshake with a 'Length Mismatch"
error with the xX options. Here is the output;
New TCP connection #5: localhost.localdomain(53503) <->
localhost.localdomain(5758)
5 1 0.0024 (0.0024) C>S SSLv2 compatible client hello
Version 3.1
cipher suites
Unknown value 0x39
Unknown value 0x38
Unknown value 0x35
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
SSL2_CK_3DES
Unknown value 0x33
Unknown value 0x32
Unknown value 0x2f
TLS_RSA_WITH_IDEA_CBC_SHA
SSL2_CK_IDEA
SSL2_CK_RC2
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
SSL2_CK_RC4
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
SSL2_CK_DES
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
SSL2_CK_RC2_EXPORT40
TLS_RSA_EXPORT_WITH_RC4_40_MD5
SSL2_CK_RC4_EXPORT40
Packet data[108]=
80 6a 01 03 01 00 51 00 00 00 10 00 00 39 00 00
38 00 00 35 00 00 16 00 00 13 00 00 0a 07 00 c0
00 00 33 00 00 32 00 00 2f 00 00 07 05 00 80 03
00 80 00 00 05 00 00 04 01 00 80 00 00 15 00 00
12 00 00 09 06 00 40 00 00 14 00 00 11 00 00 08
00 00 06 04 00 80 00 00 03 02 00 80 91 55 24 ce
72 4d 72 01 68 d9 56 6c 86 9c 59 f6
5 2 0.0053 (0.0029) S>CV3.1(74) Handshake
ServerHello
Version 3.1
random[32]=
45 7d b0 b3 87 26 d8 05 b8 27 68 85 01 f5 5e 59
8a 67 d1 ac 3d 94 bc d6 45 c4 f0 42 7a a1 60 ec
session_id[32]=
2e ab ad 61 fe 1e 47 6a f2 a2 0f 06 c9 61 23 13
d1 4f 24 e4 5f f3 89 ea 25 8c 90 2d ea b7 fa aa
cipherSuite Unknown value 0x35
compressionMethod NULL
Packet data[79]=
16 03 01 00 4a 02 00 00 46 03 01 45 7d b0 b3 87
26 d8 05 b8 27 68 85 01 f5 5e 59 8a 67 d1 ac 3d
94 bc d6 45 c4 f0 42 7a a1 60 ec 20 2e ab ad 61
fe 1e 47 6a f2 a2 0f 06 c9 61 23 13 d1 4f 24 e4
5f f3 89 ea 25 8c 90 2d ea b7 fa aa 00 35 00
5 3 0.0053 (0.0000) S>CV3.1(889) Handshake
Certificate
Subject
C=US
ST=Illinois
L=Chicago
O=Blah
CN=BLAH-SRV-BLAH
[EMAIL PROTECTED]
Issuer
C=US
ST=Illinois
L=Chicago
O=Blah
CN=BLAH-SRV-BLAH
[EMAIL PROTECTED]
Serial 00
Extensions
Extension: X509v3 Subject Key Identifier
Extension: X509v3 Authority Key Identifier
Extension: X509v3 Basic Constraints
Packet data[894]=
16 03 01 03 79 0b 00 03 75 00 03 72 00 03 6f 30
82 03 6b 30 82 02 d4 a0 03 02 01 02 02 01 00 30
0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 81
86 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 11
30 0f 06 03 55 04 08 13 08 49 6c 6c 69 6e 6f 69
73 31 10 30 0e 06 03 55 04 07 13 07 43 68 69 63
61 67 6f 31 12 30 10 06 03 55 04 0a 13 09 43 6f
6e 6e 61 6d 61 72 61 31 18 30 16 06 03 55 04 03
13 0f 43 48 49 2d 53 52 56 2d 4f 50 50 44 45 56
31 31 24 30 22 06 09 2a 86 48 86 f7 0d 01 09 01
16 15 63 62 75 73 62 65 79 40 63 6f 6e 6e 61 6d
61 72 61 2e 63 6f 6d 30 1e 17 0d 30 36 31 32 30
34 32 33 30 32 35 33 5a 17 0d 30 39 30 38 33 30
32 33 30 32 35 33 5a 30 81 86 31 0b 30 09 06 03
55 04 06 13 02 55 53 31 11 30 0f 06 03 55 04 08
13 08 49 6c 6c 69 6e 6f 69 73 31 10 30 0e 06 03
55 04 07 13 07 43 68 69 63 61 67 6f 31 12 30 10
06 03 55 04 0a 13 09 43 6f 6e 6e 61 6d 61 72 61
31 18 30 16 06 03 55 04 03 13 0f 43 48 49 2d 53
52 56 2d 4f 50 50 44 45 56 31 31 24 30 22 06 09
2a 86 48 86 f7 0d 01 09 01 16 15 63 62 75 73 62
65 79 40 63 6f 6e 6e 61 6d 61 72 61 2e 63 6f 6d
30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01
05 00 03 81 8d 00 30 81 89 02 81 81 00 a1 17 50
53 10 ef 67 24 62 b5 6a 76 9d dd c5 32 61 9d 9d
b4 59 43 a2 a8 9a 72 11 7d c0 36 4d 9f 1e ae 25
30 01 97 3d 90 54 bd b1 1a 3e 65 ec 3f 56 1b 79
39 03 57 08 74 29 6f 0b 19 e1 ca 5d 3b 8e 25 de
54 28 15 d0 f0 8c c2 0f 41 5a db ba e8 67 8a e1
af 93 0f f9 11 d4 8f e7 6c 6a 2a d9 8d 1f 9a df
46 0b 61 3b 17 75 00 08 fd 5d f5 b8 57 00 90 4d
83 25 bf 47 22 ab b2 d7 0e 83 9a 28 c3 02 03 01
00 01 a3 81 e6 30 81 e3 30 1d 06 03 55 1d 0e 04
16 04 14 23 cf 32 38 42 52 75 4f 8f 4d ae d5 05
b5 68 76 30 a0 18 01 30 81 b3 06 03 55 1d 23 04
81 ab 30 81 a8 80 14 23 cf 32 38 42 52 75 4f 8f
4d ae d5 05 b5 68 76 30 a0 18 01 a1 81 8c a4 81
89 30 81 86 31 0b 30 09 06 03 55 04 06 13 02 55
53 31 11 30 0f 06 03 55 04 08 13 08 49 6c 6c 69
6e 6f 69 73 31 10 30 0e 06 03 55 04 07 13 07 43
68 69 63 61 67 6f 31 12 30 10 06 03 55 04 0a 13
09 43 6f 6e 6e 61 6d 61 72 61 31 18 30 16 06 03
55 04 03 13 0f 43 48 49 2d 53 52 56 2d 4f 50 50
44 45 56 31 31 24 30 22 06 09 2a 86 48 86 f7 0d
01 09 01 16 15 63 62 75 73 62 65 79 40 63 6f 6e
6e 61 6d 61 72 61 2e 63 6f 6d 82 01 00 30 0c 06
03 55 1d 13 04 05 30 03 01 01 ff 30 0d 06 09 2a
86 48 86 f7 0d 01 01 04 05 00 03 81 81 00 28 d7
ca 7f 50 fe 55 70 24 20 57 3d 2e f4 30 8b ff 0f
d6 16 3b 18 d3 84 ba 17 54 b2 a6 6e 45 1e 3f b5
cf 6e d1 90 4e a7 bf d8 2b a8 7d ae 7c 69 f6 e4
72 33 cc 73 12 db 71 f5 56 00 69 e5 5a 47 92 6c
9c 34 a1 0e 7c 02 b3 aa e8 e0 98 e6 dc 68 77 81
78 42 78 61 b6 3b 02 15 71 cc 09 8d 19 81 62 8c
8e b5 fa 9d cc 61 21 06 57 1d a9 c5 d1 70 81 14
1e 12 cb e7 ae d2 d2 df 7a a5 70 1a 50 5d
5 4 0.0053 (0.0000) S>CV3.1(4) Handshake
ServerHelloDone
Packet data[9]=
16 03 01 00 04 0e 00 00 00
5 5 0.0256 (0.0203) C>SV3.1(134) Handshake
ClientKeyExchange
Packet data[139]=
16 03 01 00 86 10 00 00 82 00 80 2a 13 72 b1 21
cf db 06 bd 58 d9 de 6a 2f 71 60 79 dc 19 ce e6
96 1a 17 d8 2c d3 0e 9f c1 74 aa 29 29 49 34 d7
f4 a4 33 a9 ad b4 7b de 7e 4f e0 73 01 99 c7 a9
1d 97 79 49 4f 22 5c cd 07 b3 5e 3b 7b 39 2f 43
ad 84 76 5b 12 0f f8 80 96 c7 53 de d2 b8 ef dc
89 ce df 44 64 a9 c5 7b 6a e7 26 41 24 f6 e7 51
d3 d3 cd 9f 01 5e d6 8e 1a c3 a5 17 e6 53 46 06
e8 ee 80 9d 9c 54 07 ba 63 87 3d
ERROR: Length mismatch
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
