SSL read error: Success when DTLS is on
Siyuan Ren
netheril96 at gmail.com
Wed Mar 29 01:52:32 PDT 2017
The server shows a useless log message
> disconnect user '166F57A07AAF' (909) from 2402:f000:5:7a01:510c:779b:671a:a363 with IP 10.44.3.212 (reason: unspecified error, time: 1s)
Any recommendation on what tools I could use to debug the connection?
On Wed, Mar 29, 2017 at 4:28 PM, Nikos Mavrogiannopoulos
<n.mavrogiannopoulos at gmail.com> wrote:
> On Wed, Mar 29, 2017 at 4:03 AM, Siyuan Ren <netheril96 at gmail.com> wrote:
>> Recently the openconnect client on my machine stops working with DTLS
>> on. It constantly displays "SSL read error: Success.; reconnecting."
>> which is rather confusing.
>>
>> My machine is a MacBook Pro (Retina, 15-inch, Late 2013) with macOS
>> Sierra 10.12.4 (16E195). `openconnect` is installed by `homebrew` at
>> /usr/local with default options. Both bottle and build-from-source
>> have been tried. The server is run by ocserv 0.11.7 on Debian jessie.
>> Connecting without DTLS or with Cisco Anyconnect iOS client work fine.
>> Connecting via IPv4 or IPv6 show the same error on macOS, and the same
>> success with Cisco Anyconnect.
>>
>> Following is the full log output when connecting to my server until I
>> interrupted it since it was constantly reconnecting.
>
> You have to see what is going on, on the server or any relevant middle
> box. Although the error message is confusing, Success here means that
> the client received the value 0 on the SSL channel, meaning that the
> peer has closed the connection.
>
> regards,
> Nikos
More information about the openconnect-devel
mailing list