dcsimg
SSL Handshake error
0 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   jenaro_user
Posted On:   Wednesday, June 11, 2008 06:42 AM

Hi, I'm developing a ftp client over ssl throught proxy. I can connect to the proxy and to the ftp server target, logged, "AUTH SSL" command send, but al starting handshake I receive this trace: Starting handshake %% No cached client session *** ClientHello, SSLv3 RandomCookie: GMT: 1213108883 bytes = { 209, 26, 83, 45, 169, 56, 255, 53, 171, 153, 223, 238, 31, 243, 179, 236, 194, 59, 4, 204, 236, 91, 106, 192, 66, 43, 35, 75 } Session ID: {} Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_RSA_FIPS_W   More>>

Hi,


I'm developing a ftp client over ssl throught proxy.

I can connect to the proxy and to the ftp server target,
logged, "AUTH SSL" command send, but al starting
handshake I receive this trace:


			Starting handshake
			

%% No cached client session

*** ClientHello, SSLv3

RandomCookie: GMT: 1213108883 bytes = { 209, 26, 83, 45,
169, 56, 255, 53, 171, 153, 223, 238, 31, 243, 179, 236,
194, 59, 4, 204, 236, 91, 106, 192, 66, 43, 35, 75 }

Session ID: {}

Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5,
SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_AES_128_CBC_SHA,
SSL_RSA_WITH_DES_CBC_SHA,
SSL_RSA_FIPS_WITH_DES_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_AES_128_CBC_SHA,
SSL_DHE_RSA_WITH_DES_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_DSS_WITH_AES_128_CBC_SHA,
SSL_DHE_DSS_WITH_RC4_128_SHA,
SSL_DHE_DSS_WITH_DES_CBC_SHA,
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_EXPORT_WITH_RC4_40_MD5,
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
SSL_RSA_WITH_NULL_MD5, SSL_RSA_WITH_NULL_SHA,
SSL_DH_anon_WITH_AES_128_CBC_SHA,
SSL_DH_anon_WITH_RC4_128_MD5,
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
SSL_DH_anon_WITH_DES_CBC_SHA,
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA]

Compression Methods: { 0 }

***

[write] MD5 and SHA1 hashes: len = 97

0000: 01 00 00 5d 03 00 48 4f 93 93 d1 1a 53 2d a9 38
......HO....S..8

0010: ff 35 ab 99 df ee 1f f3 b3 ec c2 3b 04 cc ec 5b
.5..............

0020: 6a c0 42 2b 23 4b 00 00 36 00 04 00 05 00 2f 00
j.B..K..6.......

0030: 09 fe fe 00 0a fe ff 00 33 00 15 00 16 00 32 00
........3.....2.

0040: 66 00 12 00 13 00 03 00 08 00 06 00 14 00 11 00
f...............

0050: 01 00 02 00 34 00 18 00 1b 00 1a 00 17 00 19 01
....4...........

0060: 00
.
main, WRITE: SSLv3 Handshake, length = 97

main, handling exception: java.net.SocketException:
Connection reset

[b]main, SEND SSLv3 ALERT: fatal, description =
unexpected_message[/b]

main, WRITE: SSLv3 Alert, length = 2

Exception sending alert: java.net.SocketException: Broken
pipe

main, called closeSocket()

java.net.SocketException: Connection reset

at
java.net.SocketInputStream.read(SocketInputStream.java:168)

at com.ibm.jsse2.a.a(Unknown Source)
at com.ibm.jsse2.a.a(Unknown Source)

at com.ibm.jsse2.by.a(Unknown Source)

at com.ibm.jsse2.by.l(Unknown Source)

at com.ibm.jsse2.by.startHandshake(Unknown Source)

at
afb.mad.com.net.SSLSupport.handshake(SSLSupport.java:139)
at
afb.mad.com.net.ComFTPSClient.main(ComFTPSClient.java:804)
print list




I send the "hello client" message but not receive the "hello server" message
() tsl rfc ) 7.4.



don't I receive the message? Or can't I read this message? ...


Thanks in advance.



code:

			

SSLSocketFactory sslFact =
(SSLSocketFactory)SSLSocketFactory.getDefault();


SSLSocket sslSocket = (SSLSocket)
sslFact.createSocket(socket, socket

.getInetAddress().getHostAddress(), socket.getPort(), true);
if ( isControllConnection()) {


out = sslSocket.getOutputStream();


} else {

out = new
BandwidthControlledOutputStream(sslSocket.getOutputStream(), maxUpload);


}

if (isControllConnection()) {

in = sslSocket.getInputStream();


} else {


in = new
BandwidthControlledInputStream(sslSocket.getInputStream(),maxDownload);

}

sslSocket.setEnabledCipherSuites(sslSocket.getEnabledCipherSuites());


sslSocket.setEnabledProtocols(sslSocket.getSupportedProtocols());
sslSocket.setEnableSessionCreation(true);

sslSocket.setSoTimeout(100000);

// enable all the suites


String[] supported = sslSocket.getSupportedCipherSuites();

sslSocket.setEnabledCipherSuites(supported);

sslSocket.setUseClientMode(true);

sslSocket.startHandshake();


   <<Less
About | Sitemap | Contact