[Pkg-openssl-devel] Bug#471681: Bug#471681: Bug#471681: libssl0.9.8: XChat cannot connect to irc.mozilla.org:6697

Kurt Roeckx kurt at roeckx.be
Wed Mar 19 21:33:40 UTC 2008 

On Wed, Mar 19, 2008 at 06:50:23PM +0100, Kurt Roeckx wrote:
> 
> I can reproduce your problem.  It's the change between 0.9.8g-4 and 
> 0.9.8g-5 that causes the problem that we didn't expect to break
> anything.

I can even reproduce it with s_client:
openssl s_client -ssl3  -host irc.mozilla.org -port 6697
CONNECTED(00000003)
3265:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1053:SSL alert number 40
3265:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:530:

After removing the "-ssl3", things work properly.

When using
openssl s_client -ssl3 -debug -host irc.mozilla.org -port 6697

With -7:
CONNECTED(00000003)
write to 0x688900 [0x6926f0] (93 bytes => 93 (0x5D))
0000 - 16 03 00 00 58 01 00 00-54 03 00 47 e1 84 e2 84   ....X...T..G....
0010 - f0 01 04 a2 65 92 08 6a-83 99 f1 76 bd f8 7a 52   ....e..j...v..zR
0020 - 88 cb 23 11 4a f5 8a 75-e6 97 da 00 00 26 00 39   ..#.J..u.....&.9
0030 - 00 38 00 35 00 16 00 13-00 0a 00 33 00 32 00 2f   .8.5.......3.2./
0040 - 00 05 00 04 00 15 00 12-00 09 00 14 00 11 00 08   ................
0050 - 00 06 00 03 02 01 00 00-04 00 23                  ..........#
005d - <SPACES/NULS>
read from 0x688900 [0x68dee0] (5 bytes => 5 (0x5))
0000 - 15 03 00 00 02                                    .....
read from 0x688900 [0x68dee5] (2 bytes => 2 (0x2))
0000 - 02 28                                             .(
10403:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1053:SSL alert number 40
10403:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:530:

Repeated:
CONNECTED(00000003)
write to 0x688900 [0x6926f0] (93 bytes => 93 (0x5D))
0000 - 16 03 00 00 58 01 00 00-54 03 00 47 e1 84 a8 82   ....X...T..G....
0010 - 70 c9 c9 24 90 54 99 27-98 c9 0d 98 73 66 17 4d   p..$.T.'....sf.M
0020 - 19 7c 21 dc 9d 02 65 d1-6e fe 31 00 00 26 00 39   .|!...e.n.1..&.9
0030 - 00 38 00 35 00 16 00 13-00 0a 00 33 00 32 00 2f   .8.5.......3.2./
0040 - 00 05 00 04 00 15 00 12-00 09 00 14 00 11 00 08   ................
0050 - 00 06 00 03 02 01 00 00-04 00 23                  ..........#
005d - <SPACES/NULS>
read from 0x688900 [0x68dee0] (5 bytes => 5 (0x5))
0000 - 15 03 00 00 02                                    .....
read from 0x688900 [0x68dee5] (2 bytes => 2 (0x2))
0000 - 02 28                                             .(

Repeated:
CONNECTED(00000003)
write to 0x688900 [0x6926f0] (93 bytes => 93 (0x5D))
0000 - 16 03 00 00 58 01 00 00-54 03 00 47 e1 83 dd 4f ....X...T..G...O
0010 - bc f9 7b b7 e3 21 c3 4e-6f 62 15 3c cb 19 c9 08 ..{..!.Nob.<....
0020 - 7f cd 03 ff b8 29 4c 4c-1a 19 4b 00 00 26 00 39 .....)LL..K..&.9
0030 - 00 38 00 35 00 16 00 13-00 0a 00 33 00 32 00 2f .8.5.......3.2./
0040 - 00 05 00 04 00 15 00 12-00 09 00 14 00 11 00 08 ................
0050 - 00 06 00 03 02 01 00 00-04 00 23                  ..........#
005d - <SPACES/NULS>
read from 0x688900 [0x68dee0] (5 bytes => 5 (0x5))
0000 - 15 03 00 00 02                                    .....
read from 0x688900 [0x68dee5] (2 bytes => 2 (0x2))
0000 - 02 28                                             .(
3304:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake
failure:s3_pkt.c:1053:SSL alert number 40
3304:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake
failure:s3_pkt.c:530:

Using -4:
write to 0x688880 [0x692670] (87 bytes => 87 (0x57))
0000 - 16 03 00 00 52 01 00 00-4e 03 00 47 e1 86 0c c6   ....R...N..G....
0010 - 7e 9a 63 ae 98 bf 91 e9-34 50 63 7c f6 4e 42 b5   ~.c.....4Pc|.NB.
0020 - d7 2f 40 32 1c 20 79 79-e9 3b f6 00 00 26 00 39   ./@2. yy.;...&.9
0030 - 00 38 00 35 00 16 00 13-00 0a 00 33 00 32 00 2f   .8.5.......3.2./
0040 - 00 05 00 04 00 15 00 12-00 09 00 14 00 11 00 08   ................
0050 - 00 06 00 03 02 01                                 ......
0057 - <SPACES/NULS>
read from 0x688880 [0x68de60] (5 bytes => 5 (0x5))
0000 - 16 03 00 00 2a                                    ....*
read from 0x688880 [0x68de65] (42 bytes => 42 (0x2A))
0000 - 02 00 00 26 03 00 47 e1-86 0d d3 46 c7 f0 38 b2   ...&..G....F..8.
0010 - c8 fe ae 3f 4f 7b 8e d9-9c b3 87 2a 54 e8 ef a5   ...?O{.....*T...
0020 - 86 19 d1 88 40 88 00 00-35                        .... at ...5
002a - <SPACES/NULS>
read from 0x688880 [0x68de60] (5 bytes => 5 (0x5))
0000 - 16 03 00 0f c6                                    .....
[...]

So it seems that openssl is sending something different while
I can't see a reason why it should be sending something different.


Kurt

More information about the Pkg-openssl-devel mailing list