- From: Ajay Shekhawat <ajay@cedar.Buffalo.EDU>
- Date: Wed, 02 Aug 2000 22:12:06 -0400
- To: jose.kahan@w3.org
> To: www-lib@w3.org > Date: Wed, 2 Aug 2000 18:29:40 +0200 (MET DST) > From: jose.kahan@w3.org > Subject: Planning to roll out a new version tomorrow > > Folks, > > I think that libwww is ready for the next version. I still need to > add and test the patches proposed by Gary Desrochers, but many of them > require an analysis as they concern core changes. Jose, I just downloaded the latest CVS snapshot (mainly because the release version wasn't working either), and I find that SSL support seems to be broken. I've downloaded the latest OpenSSL version, and tried to link it with your latest release, and I'm getting the following error when I try to connect to a secure server: SSL_connect: before/connect initialization SSL_connect: SSLv3 write client hello A SSL3 alert write:fatal:unknown SSL_connect: error in SSLv3 read server hello A HTSSLWriter. SSL returned 1 Error....... Add 73 Severity: 1 Parameter: `Success' Where: `SSLWRITE' (just the relevant lines are shown above). This is on a RedHat Linux 6.2 machine, *with* /dev/urandom present. On the other hand, the following test command from OpenSSL works fine: ./openssl s_client -connect trading.etrade.com:443 -state In this case, the debug output looks something like this: SSL_connect:before/connect initialization SSL_connect:SSLv2/v3 write client hello A SSL_connect:SSLv3 read server hello A depth=1 /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority verify error:num=19:self signed certificate in certificate chain verify return:0 SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server done A (etc.) What could be wrong here? BTW: the same problem occurs in release 5.3.0 also, and not just the snapshot. Any ideas on what could be wrong? Ajay
Received on Thursday, 3 August 2000 11:14:07 UTC