Emmanuel Dreyfus manu@netbsd.org wrote:
- Reading SSL_get_error(3), I would be in the "EOF was observed that
violates the procol" situation: SSL_ERROR_SYSCALL Some I/O error occurred. The OpenSSL error queue may contain more information on the error. If the error queue is empty (i.e. ERR_get_error() returns 0), ret can be used to find out more about the error: If ret == 0, an EOF was observed that violates the pro- tocol. If ret == -1, the underlying BIO reported an I/O error (for socket I/O on Unix systems, consult errno for details).
ssldump tells me that the connexion is immedialty terminated by the client:
A connection, as reported by ssldump, that will exhibit "TLS negociation failure: New TCP connection #3: client (51203) <-> server (636) 3 0.0007 (0.0007) C>S TCP FIN 3 0.0014 (0.0007) S>C TCP FIN
A sane connextion; New TCP connection #4: client (51204) <-> server (636) 4 1 0.0007 (0.0007) C>S SSLv2 compatible client hello Version 3.1 cipher suites
Any idea of what could cause that?