On 30/09/2022 16:46, Viktor Dukhovni via Exim-users wrote:
>> 00C0C60008000000:error:0A0C0103:SSL routines:tls_process_key_exchange:internal error:ssl/statem/statem_clnt.c:2254:
>>
>> I'll try to find some time to file a bug. Feel free to beat me to it.
> Actually, this is expected behaviour:
>
> https://github.com/openssl/openssl/issues/15335#issuecomment-843843617
Including that error line?
No obvious difference with that "ciphers" :-
17:39:23 59777 SMTP>> 220 TLS go ahead
17:39:23 59777 Calling SSL_accept
17:39:23 59777 SSL hshake_start: before SSL initialization
17:39:23 59777 SSL SSL_accept,state_chg: before SSL initialization
17:39:23 59777 SSL SSL_accept,state_chg: before SSL initialization
17:39:23 59777 SSL write,alert fatal:protocol version
17:39:23 59777 SSL SSL_accept,hshake_exit: error in error
17:39:23 59777 TLS error '(SSL_accept): error:100C0102:BIO routines::passed a null parameter'
The lines starting "SSL " are SSL_CTX_set_info_callback() events;
the "error in error" is a ret<0 with SSL_state_string_long() of "error"
(not very helpful).
The "TLS error" is a <=0 from SSL_accept()
with SSL_get_error() being SSL_ERROR_SSL;
the "null param" bit could have been directly from that error
or could have been from earlier.
--
Cheers,
Jeremy