Bug in Netos 6.3 SSL handshake

asa · November 7, 2008, 9:19pm

There seems to be a bug in NETOS 6.3 SSL implementation. It fails to negotiate SSL with Yahoo smtp server (plus.smtp.mail.yahoo.com).

Issue seems to be NETOS implementation , it fails the negotiation if SERVER-HELLO handshake message does not
have SessionID.
Yahoo Server responds with cipher SSL_CIPHER_SUITE_TLS_RSA_WITH_3DES_EDE_CBC_SHA(0x00,0x0A), but without sessionID, upon which Netos implementation responds with fatal “Handshake Failure”

asa · November 13, 2008, 2:20pm

An update, the problem is not due to absence of session id
The server is sending “certificate_request”(handshake type 0xd) to mail client and this is causing the fatal “Handshake failure” on the client. I have verified this, need some enhancements in the API to handle this request.

Topic		Replies	Views
ssl with NETOS 6.3 NET+OS	0	527	October 27, 2008
smtp email and SSL NET+OS smtp , email-ssl	2	433	January 31, 2020
SMTP Client and SSL/TLS NET+OS	9	1947	November 18, 2019
SSL Client with 2-way authentication problem NET+OS ssl	0	689	April 27, 2010
smtp mail client and ssl NET+OS email , ssl	1	669	October 23, 2015

Bug in Netos 6.3 SSL handshake

Related Topics