GitLab

Imported from http://bugzilla.roxen.com/bugzilla/show_bug.cgi?id=3515

Reported by Jonas Wallden jonasw@roxen.com

A connection initiated from the Java SSL implementation seems to generate handshake errors in SSL.pmod. This has been verified on Pike 7.2 from last year as well as the most recent build. The tested Java version is 1.4.1.

Running with SSL3_DEBUG and SSL3_DEBUG_CRYPT shows that the Java client sends PACKET_change_cipher_spec. Next, when the new cipher is activated the following incoming packet gets a MAC (checksum) error and the session is closed. The key excange takes place prior to the switch but it's unknown whether the keys are correct or if the MAC is initialized correctly.