W3C home > Mailing lists > Public > www-lib@w3.org > July to September 2000

Re: Planning to roll out a new version tomorrow

From: Ajay Shekhawat <ajay@cedar.Buffalo.EDU>
Date: Wed, 02 Aug 2000 22:12:06 -0400
Message-ID: <3988D4F6.A2E4E88F@cedar.Buffalo.EDU>
To: jose.kahan@w3.org
> To: www-lib@w3.org
> Date: Wed, 2 Aug 2000 18:29:40 +0200 (MET DST)
> From: jose.kahan@w3.org
> Subject: Planning to roll out a new version tomorrow
> 
> Folks,
> 
> I think that libwww is ready for the next version. I still need to
> add and test the patches proposed by Gary Desrochers, but many of them
> require an analysis as they concern core changes.


Jose,
I just downloaded the latest CVS snapshot (mainly because the release
version wasn't working either), and I find that SSL support seems to be
broken.

I've downloaded the latest OpenSSL version, and tried to link it 
with your latest release, and I'm getting the following error
when I try to connect to a secure server:

	SSL_connect: before/connect initialization
	SSL_connect: SSLv3 write client hello A
	SSL3 alert write:fatal:unknown
	SSL_connect: error in SSLv3 read server hello A
	HTSSLWriter. SSL returned 1
	Error....... Add  73    Severity: 1     Parameter: `Success'    Where:
`SSLWRITE'
(just the relevant lines are shown above).

This is on a RedHat Linux 6.2 machine, *with* /dev/urandom present.

On the other hand, the following test command from OpenSSL works fine:
	./openssl s_client -connect trading.etrade.com:443 -state
In this case, the debug output looks something like this:
	SSL_connect:before/connect initialization
	SSL_connect:SSLv2/v3 write client hello A
	SSL_connect:SSLv3 read server hello A
	depth=1 /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification
Authority
	verify error:num=19:self signed certificate in certificate chain
	verify return:0
	SSL_connect:SSLv3 read server certificate A
	SSL_connect:SSLv3 read server done A
	(etc.)

What could be wrong here?  BTW: the same problem occurs in release 5.3.0
also,
and not just the snapshot.

Any ideas on what could be wrong?

Ajay
Received on Thursday, 3 August 2000 11:14:07 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 23 April 2007 18:18:37 GMT