Jinhua Zhu wrote:
> Hello,
> I'm doing a project using EAP-TTLS for authenticating users,
> it's run ok when just have a single access, but when I have
> more times access continuously there will generate a log
> "SSL: SSL3 alert: write (local SSL3 detected an error):fatal:bad record
> mac"
>
>
> context is
> server has sent it's cert, and then received the EAP-Response which composed
>
> with "client key exchange" "change cipher spec" and "Encrypto handshake
> Message"
> but occur an error at the moment,
> --log begin---
> EAP-TTLS: Received packet(len=204) - Flags 0x00
> SSL: (where=0x2001 ret=0x1)
> SSL: SSL_accept:SSLv3 read client key exchange A
> SSL: (where=0x4008 ret=0x214)
> SSL: SSL3 alert: write (local SSL3 detected an error):fatal:bad record mac
> SSL: (where=0x2002 ret=0xffffffff)
> SSL: SSL_accept:error in SSLv3 read certificate verify A
> SSL: 7 bytes pending from ssl_out
> SSL: 7 bytes left to be sent out (of total 7 bytes)
> --log end---
> the eap message content is
> 15 00 15 03 01 00 02 02 14
>
> who can give me some suggestion about which situation can induce this result
> ?
> i think this packet is correct and ethreal can resolve it well.
>
> Thanks a lot
>
>
I had this problem and the only solution was to use TLSv1. Don't know
if that helps.
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org

Thanks,

i think that it maybe caused by threads conflict and detect had not
implement locking callback

since implemented the following two callback function
CRYPTO_set_id_callback(id_function);
CRYPTO_set_locking_callback(locking_function);
by reference threads.doc. it appear not occur now, and other wrong like
*_cmp exception also eliminate

thanks all




On 7/3/08, doki_pen wrote:
>
> Jinhua Zhu wrote:
>
>> Hello,
>> I'm doing a project using EAP-TTLS for authenticating users,
>> it's run ok when just have a single access, but when I have
>> more times access continuously there will generate a log
>> "SSL: SSL3 alert: write (local SSL3 detected an error):fatal:bad record
>> mac"
>>
>>
>> context is
>> server has sent it's cert, and then received the EAP-Response which
>> composed
>>
>> with "client key exchange" "change cipher spec" and "Encrypto handshake
>> Message"
>> but occur an error at the moment,
>> --log begin---
>> EAP-TTLS: Received packet(len=204) - Flags 0x00
>> SSL: (where=0x2001 ret=0x1)
>> SSL: SSL_accept:SSLv3 read client key exchange A
>> SSL: (where=0x4008 ret=0x214)
>> SSL: SSL3 alert: write (local SSL3 detected an error):fatal:bad record mac
>> SSL: (where=0x2002 ret=0xffffffff)
>> SSL: SSL_accept:error in SSLv3 read certificate verify A
>> SSL: 7 bytes pending from ssl_out
>> SSL: 7 bytes left to be sent out (of total 7 bytes)
>> --log end---
>> the eap message content is
>> 15 00 15 03 01 00 02 02 14
>>
>> who can give me some suggestion about which situation can induce this
>> result
>> ?
>> i think this packet is correct and ethreal can resolve it well.
>>
>> Thanks a lot
>>
>>
>>
> I had this problem and the only solution was to use TLSv1. Don't know if
> that helps.
> __________________________________________________ ____________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majordomo@openssl.org
>



--
Jinhua. Zhu
Nanjing, China
jinhua1982@gmail.com