search

bytinbit / strongswan

strongSwan - IPsec-based VPN
https://www.strongswan.org
Other
2 stars 0 forks source link

libtls: Fix TLS 1.2 error #41

Closed bytinbit closed 4 years ago

bytinbit commented 4 years ago

Aufwandschätzung: soll=4 Stunden ist=

Server Finished message is wrong.

processing TLS Handshake record (4 bytes)
# Handshake is not finished yet -> process more handshake data
received TLS ServerHelloDone handshake (0 bytes)
created TLS session 34:f7:ee:28:fe:12:f6:1d:18:9a:f7:e1:6b:25:c0:61:f6:62:f1:8a:c5:50:93:4b:da:a0:00:de:bb:91:49:ae, 1 sessions
sending TLS ClientKeyExchange handshake (66 bytes)
sending TLS Handshake record (70 bytes)
sending TLS ChangeCipherSpec record (1 bytes)
sending TLS Finished handshake (12 bytes)
sending TLS Handshake record (64 bytes)
processing TLS ChangeCipherSpec record (1 bytes)
processing TLS Handshake record (64 bytes)
# Handshake is not finished yet -> process more handshake data
received TLS Finished handshake (12 bytes)
# in process_finished
received server finished for legacy TLS invalid
sending fatal TLS alert 'decrypt error'
sending TLS Alert record (48 bytes)
TLS write error