1

我在非阻塞 tcp 客户端上使用 openssl。我正在尝试建立 2 个 TLS 连接,它们是不同的会话。第一个连接成功。但是连接时第二个出现了奇怪的错误。这是第二个连接的日志。

12:03:31.768 TLS: INFO: sess[0x4efdd3c] Handshake: start
12:03:31.768 TLS: INFO: sess[0x4efdd3c] Loop: before/connect initialization
12:03:31.768 TLS: INFO: sess[0x4efdd3c] Loop: SSLv3 write client hello A
12:03:31.768 TLS: INFO: sess[0x4efdd3c] Exit: error in SSLv3 read server hello A
12:03:31.768 TLS: INFO: SessConnect read blocked.
12:03:31.768 UTPT: INFO: tls conn[0x2000d] state read blocked.
12:03:31.768 UTPT: DEBUG: ConnProcTcpWr tls connecting.
12:03:31.782 UTPT: INFO: read tcp conn[0x2000d] of user[0x20008].
12:03:31.782 TLS: INFO: sess[0x4efdd3c] Loop: SSLv3 read server hello A
12:03:31.782 TLS: ERROR: verify error[18:self signed certificate] in depth[0].
12:03:31.782 TLS: INFO: issuer is </O=Self-signed certificate for kamailio/OU=cp/CN=cp.example.com/emailAddress=root@cp.example.com>
12:03:31.782 TLS: INFO: subject is </O=Self-signed certificate for kamailio/OU=cp/CN=cp.example.com/emailAddress=root@cp.example.com>
12:03:31.782 TLS: INFO: sess[0x4efdd3c] Loop: SSLv3 read server certificate A
12:03:31.782 TLS: INFO: sess[0x4efdd3c] Loop: SSLv3 read server done A
12:03:31.782 TLS: INFO: sess[0x4efdd3c] Loop: SSLv3 write client key exchange A
12:03:31.782 TLS: INFO: sess[0x4efdd3c] Loop: SSLv3 write change cipher spec A
12:03:31.782 TLS: INFO: sess[0x4efdd3c] Loop: SSLv3 write finished A
12:03:31.782 TLS: INFO: sess[0x4efdd3c] Loop: SSLv3 flush data
12:03:31.782 TLS: INFO: sess[0x4efdd3c] Exit: error in SSLv3 read finished A
12:03:31.782 TLS: INFO: SessConnect read blocked.
12:03:31.782 UTPT: INFO: tls conn[0x2000d] state read blocked.
12:03:31.782 UTPT: DEBUG: ConnProcTcpRd tls connecting.
12:03:31.814 UTPT: INFO: read tcp conn[0x2000d] of user[0x20008].
12:03:31.814 TLS: INFO: sess[0x4efdd3c] Write: SSLv3 read finished B
12:03:31.814 TLS: INFO: sess[0x4efdd3c] Exit: failed in SSLv3 read finished B

SSL fsm 想要读取已完成的 A,但在读取已完成的 B 时失败。请帮助我找出导致这种情况发生的原因。

这是失败时的错误字符串。

error:1408C095:SSL routines:SSL3_GET_FINISHED:digest check failed

我不确定这是什么意思。

4

0 回答 0