httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <jor...@redhat.com>
Subject Re: SSL deadlock after SSLv3 key exchange A?
Date Fri, 23 Sep 2005 12:19:40 GMT
On Thu, Sep 22, 2005 at 06:37:48PM +0200, Martin Kraemer wrote:
> bigbundle.txt was incomplete because of the missing fflush -- it
> ended in:
> 
> > 0b10 - 16 06 03 55 04 0a 13 0f-47 54 45 20 43 6f 72 70   ...U....GTE Corp
> > 0b20 - 6f 72 61 74 69 6f 6e 31-27 30 25 06 03 55 04 0b   oration1'0%..U..
> > 0b30 - 13 1e 47 54 45 20 43 79-62 65 72 54 72 75 73 74   ..GTE CyberTrust
> > 0b40 - 20 53 6f 6c 75 74 69 6f-6e 73 2c 20 49 6e 63
> 
> When debugging to stdout, the missing end looks something like this:
> 0d20 - 13 1c 28 63 29 20 31 39-39 39 20 45 6e 74 72 75   ..(c) 1999 Entru
> 0d30 - 73 74 2e 6e 65 74 20 4c-69 6d 69 74 65 64 31 3a   st.net Limited1:
> 0d40 - 30 38 06 03 55 04 03 13-31 45 6e 74 72 75 73 74   08..U...1Entrust
> 0d50 - 2e 6e 65 74 20 53 65 63-75 72 65 20 53 65 72 76   .net Secure Serv
> 0d60 - 65 72 20 43                                       er C
> read from 080AFCB8 [080EC461] (5558 bytes => 0 (0x0))
> 1282:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:226:

This looks like a hard failure rather than a hang though, if the client 
has printed an error message?

Can you send (to me privately if necessary) the SSL CA bundle which you 
use to trigger the issue?

joe

Mime
View raw message