[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-users
Subject: Re: error in SSLv3 read client hello
From: tensy joseph <rajanchittil () gmail ! com>
Date: 2009-11-28 13:43:03
Message-ID: c821e2f00911280531v19f61e6w2bb454a4e26a6ce8 () mail ! gmail ! com
[Download RAW message or body]
Hi Jean,
You are getting this error because either client or server is trying to
renegotiate the session. The OpenSSL team has applied the patch which will
disable all the renegotiation and hence will break all renegotiation attempt
.This patch is released to take care of Security Vulnerabilty Issue
CVE-2009-3555. If the client needs to do renegotiation then you will have to
live with a vulnerable server for now.
Thanks
Rajan
2009/11/28 Jean-Christophe Baptiste <jc@phocean.net>
> Hi all,
>
> I can confirm the following issue :
> http://www.mail-archive.com/openssl-users@openssl.org/msg59562.html
>
> As an openSUSE user, I reported the bug there :
> https://bugzilla.novell.com/show_bug.cgi?id=558176
>
> They applied the same patch and I am having the same "Exit: error in
> SSLv3 read client hello A" error.
>
> How many people are aware of it ? Is there any patch yet ?
>
> Thank you for your help,
>
> JC
>
[Attachment #3 (text/html)]
Hi Jean,<br><br>You are getting this error because either client or server is trying \
to renegotiate the session. The OpenSSL team has applied the patch which will disable \
all the renegotiation and hence will break all renegotiation attempt .This patch is \
released to take care of Security Vulnerabilty Issue CVE-2009-3555. If the client \
needs to do renegotiation then you will have to live with a vulnerable server for \
now.<br> <br>Thanks<br>Rajan<br><br><div class="gmail_quote">2009/11/28 \
Jean-Christophe Baptiste <span dir="ltr"><<a \
href="mailto:jc@phocean.net">jc@phocean.net</a>></span><br><blockquote \
class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt \
0pt 0.8ex; padding-left: 1ex;"> Hi all,<br>
<br>
I can confirm the following issue :<br>
<a href="http://www.mail-archive.com/openssl-users@openssl.org/msg59562.html" \
target="_blank">http://www.mail-archive.com/openssl-users@openssl.org/msg59562.html</a><br>
<br>
As an openSUSE user, I reported the bug there :<br>
<a href="https://bugzilla.novell.com/show_bug.cgi?id=558176" \
target="_blank">https://bugzilla.novell.com/show_bug.cgi?id=558176</a><br> <br>
They applied the same patch and I am having the same "Exit: error in<br>
SSLv3 read client hello A" error.<br>
<br>
How many people are aware of it ? Is there any patch yet ?<br>
<br>
Thank you for your help,<br>
<font color="#888888"><br>
JC<br>
</font></blockquote></div><br><input id="gwProxy" type="hidden"><input \
onclick="jsCall();" id="jsProxy" type="hidden"><div id="refHTML"></div>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic