On Thu, 2010-01-21 at 22:52 +1300, David Woodhouse wrote: > On Thu, 2009-12-17 at 15:29 +0000, David Woodhouse wrote: > > > > [r...@dwoodhou-mobl2 ~]# openconnect -c vpn.pem --key-password=$PIN > > $VPNSERVER --script /etc/vpnc/vpnc-script --mtu 1266 > > Attempting to connect to $VPNSERVER > > SSL negotiation with $VPNSERVER > > SSL connection failure > > 140715435644776:error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 > > alert decrypt error:s3_pkt.c:1160:SSL alert number 51 > > It's working fine with openssl 0.9.8m-beta1, but if I build against > 1.0.0-beta5 it fails as above.
The same happens if I use openssl s_client: 29749:error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error:s3_pkt.c:1115:SSL alert number 51 29749:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:183: Now that I have OpenSSL imported into a modern version control system, I've found the offending commit: http://git.infradead.org/users/dwmw2/openssl-parsecvs.git/commitdiff/e919a29b Unfortunately, while I can convert from CVS into git I can't retroactively impose the good practice of committing small changes one at a time. That commit has: 31 files changed, 699 insertions(+), 951 deletions(-) -- David Woodhouse Open Source Technology Centre [email protected] Intel Corporation ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ TrouSerS-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-tech
