Hello all, I'm asking for advice from the SSL/OpenSSL guru's here.

I've been writing several scripts to use OpenSSL/LWP/Crypt_SSLeay to POST requests to remote websites to upload and download files. All has been going well until my latest script to a new server. I have been having problems downloading files from this server where the SSL request does not receive a response for 10 minutes, then errors out with this:
Error while sending the Request to https://<i>hostname</i> -- 500 read failed: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

I have Googled a few forums and discovered that some believe this is due to a handshakeing issue in SSL and can be resolved under OpenSSL via a SSL_OP_TLS_ROLLBACK_BUG option flag.

My question is, "Can anybody help me understand what the real problem is, and how I can set an OpenSSL flag when I'm using an LWP->UserAgent/HTTP->Request setup to handle the transfers?"

I've read that this appears to be an issue where the server and client first agree on a higher SSL version number, then the client sends a latter request to the server with a lower version number, due to a bad response from the server. Under strict SSL validation, this is not allowed. Yet I've seen no mention of this topic on PerlMonks, so I wonder if I'm doing something wrong. I can post the code, but snippits would be better since it's fairly big. (automating EDI file transfers)

I'm running Win2k
ActivePerl v.5.8.0 for MSWin32-x86-multi-thread.
OpenSSL v.0.9.7b
Crypt-SSLeay v.0.51
LWP 5.68

Server response header says the server is: 

Server: Microsoft-IIS/5.0
Server: WebSphere Application Server/5.0

[download]

Thanks.

Here's snippets of the simplified code:

use strict;    # of course.
use warnings;
use Carp;
use LWP::UserAgent;
use LWP::Debug qw(+);
use HTTP::Request;
....
$ua = LWP::UserAgent->new(timeout => 90);
$ua->agent("ediscript/0.5 ");
#   Establish a memory resident, temporary cookie jar (database) to ho
+ld any used cookies.
$ua->cookie_jar({});
....
###  Code to construct XML content string
my $res = sendRequest($dnldContent, $dnldURL)

print $res;
....

sub sendRequest {
    my $reqXML = shift || return undef;
    my $reqURL = shift || return undef;

    my $req = HTTP::Request->new(POST => $reqURL);
    $req->content_type('text/xml');

    $req->content($reqXML);

    my $res = $ua->request($req);

    croak "Error while sending the Request to ", $res->request->uri, "
+ -- ", $res->status_line, "\n"
        unless $res->is_success;

    return $res->content;
}

[download]

In reply to SSL Transfer error 'wrong version number' by rusacarr

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.