[SR-Users] Strange TLS issue

Jirka Jirout jirka.jirout at me.com
Tue Mar 12 09:36:49 CET 2013


Hello,

I have enabled re-negotiation, which does not do too much good I am afraid. However, the connection attempts do get thru to kamailio now, although I am afraid it does not help either.

Mar 12 09:16:23 crypto2 /usr/sbin/kamailio[404]: ERROR: tls [tls_server.c:1190]: TLS accept:error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message
Mar 12 09:16:23 crypto2 /usr/sbin/kamailio[404]: ERROR: <core> [tcp_read.c:1127]: ERROR: tcp_read_req: error reading 

I went thru our client code and it does the following:

SSL_CTX_new(SSLv23_client_method()) or SSL_CTX_new(SSLv23_server_method())))

SSL_CTX_set_mode(transport->tls.ctx_client, SSL_MODE_AUTO_RETRY)
SSL_CTX_set_mode(transport->tls.ctx_server, SSL_MODE_AUTO_RETRY)
SSL_CTX_set_verify(transport->tls.ctx, SSL_VERIFY_NONE, null)

SSL_CTX_set_cipher_list(transport->tls.ctx, "AES256-SHA")

SSL_new(ssl_ctx)
SSL_set_fd(ssl, fd)

SSL_connect(ssl)

and then of course SSL_write() and SSL_read()

regards, jj


More information about the sr-users mailing list