Apache + openssl - bugtraq.c ?
Herman Vega
hvegax en gmail.com
Jue Jun 8 18:43:11 CLT 2006
Sigo probando y creo que debe ser una rana de openssl openssl-0.9.7a.
Probe directamente con openssl client y arroja esto:
openssl s_client -connect localhost:443 -state -debug
CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 09531FF0 [09532FE0] (142 bytes => 142 (0x8E))
0000 - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ......c... ..9..
0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5............
0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 ..3..2../.....f.
0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 .............c..
0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 b..a...........@
0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 ..e..d..`.......
0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 07 05 ................
0070 - 0a 6f 20 34 40 1a 77 bb-b0 98 ca 8e 95 c4 34 68 .o 4 en .w.......4h
0080 - e8 2b 31 1e 78 cb 88 9d-de b4 d4 a7 24 5c .+1.x.......$\
SSL_connect:SSLv2/v3 write client hello A
read from 09531FF0 [09538540] (7 bytes => 0 (0x0))
15706:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
failure:s23_lib.c:226:
On 6/8/06, Herman Vega <hvegax en gmail.com> wrote:
> Active la depuracion y obtengo el sgte mensaje en logs de apache
> cuando hago un GET a traves de https desde el localhost:
>
> 127.0.0.1 - - [08/Jun/2006:17:32:45 -0400] "\x80\x8c\x01\x03\x01" 302 -
> ...
--
Herman Vega Jara
Computer Systems Engineer
hvegax en gmail.com
Mobil : (56 9) 798 57 57
Más información sobre la lista de distribución Linux