1: 0.9.8a is VERY old, and contains quite a few security flaws that have been fixed since.
Even if your application(s) can't accept the fairly small changes needed to move to 1.0.0 or better 1.0.1, try at least to move up to or near 0.9.8y. 2: whenever you get ERROR_SYSCALL you should always look at errno on Unix (or [WSA}GetError() on Windows). What is it? 3: there are various TCP or (mostly) IP level errors that can cause a TCP connection initiation (also called handshake, but not to be confused with the SSL/TLS handshake) to fail. It wouldn't surprise me if the Linux stack returns errors to the application process in some cases that Solaris does not - or vice versa. If the errno value isn't specific enough, get a network trace on the Linux box (with tcpdump) or a machine very close: I like wireshark on Windows, also available for MacOSX, and usually one of those either exists or can be temporarily put on the desired network segment. 4: it is also possible there are actually more errors. Are you sure the Linux box's network adapter and cable are solidly good? Do any other applications (especially inbound) on that box get errors? Linux or at least most versions have iptables which functions as an IP firewall - is yours set in a way that interferes with some (or even all?) desired TCP connections? From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Arjunan, Karthikeyan Sent: Thursday, January 02, 2014 06:14 To: openssl-users@openssl.org Cc: Arjunan, Karthikeyan Subject: Open SSL errors increase in Linux compared with Solaris Hi, We have migrated from openssl-0.9.8a Solaris to Linux version. We find that there is a drastic increase in the SSL_ERROR_SYSCALL in Linux openssl version compared to Solaris. I am using SSL_accept which returns a negative value . The return code for SSL_get_error is 5. Please advise how to reduce the increase in error . Thanks, Karthikeyan Arjunan ****************************************************** This message and any files or attachments sent with this message contain confidential information and is intended only for the individual named. If you are not the named addressee, you should not disseminate, distribute, copy or use any part of this email. If you have received this message in error, please delete it and all copies from your system and notify the sender immediately by return Email. Email transmission cannot be guaranteed to be secure or error-free as information can be intercepted, corrupted, lost, destroyed, late, incomplete or may contain viruses. The sender, therefore, does not accept liability for any errors or omissions in the contents of this message, which arise as a result of email transmission. ******************************************************
