> From: owner-openssl-us...@openssl.org On Behalf Of Joel Bion
> Sent: Monday, 18 February, 2013 13:57
> The issue I have been reporting has never been on the client
> side, as the
> problem is seen when connecting into a server that is booted into a
> 1.0.1e-environment vs. a 1.0.1c based environment. The two
> environments
> are pretty much identical. They are both LinuxFromScratch based
> environments, where the core build (prior to
> OpenSSL/HTTPD/MySQL install)
> is identical, bit by bit, in both, and the primary difference
> in the two
> is to use OpenSSL 1.0.1c vs. OpenSSL 1.0.1e. So there is
> minimal server
> difference. OpenSSL 1.0.1c server can receive connections; the 1.0.1e
> cannot. The 1.0.1e reports the error as shown, and closes the
> connection -
> as can be seen in that there is much more transferred from
> the server in
> the 1.0.1c case vs. the 1.0.1e.
>
What you show is what s_client reports *talking to* 1.0.1{e,c}.
We apparently need information from the server, see below.
> Nevertheless, here is <s_client -debug, snipped>
That second -debug (to 1.0.1e) appears normal up to the point
client sends CKey,CCS,CFinished and expects STicket,SCCS,SFinished,
but instead receives "EOF" (read count 0 = normal disconnect).
Either the server process is dying and Unix is closing the socket
automatically (which shouldn't happen) or either OpenSSL or httpd
code is closing the socket when it shouldn't (unless possibly httpd
hits a time limit, but any such should be long enough you would have
noticed plus it shouldn't vary between OpenSSL versions).
After this is httpd still running, or did it die (and maybe restart,
depending on how you run it)? If it died, is there a corefile, or
if corefile is disabled (as often is on Linux) can you enable it?
Is there anything in the log, and if not (or incomplete) can you
set any option to increase logging (IMLimitedE httpd defaults to
being very reticent about logging)?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
