[pkg-lynx-maint] Bug#918934: lynx: Lynx fails to connect on some HTTPS websites

[Axel Beckert]

Control: tag -1 + confirmed patch upstream
Control: forwarded -1 http://lists.gnu.org/archive/html/lynx-dev/2018-12/msg00009.html

Hi Alex,

Alex Bernier wrote:
> Lynx fails to connect on some sebsites using the HTTPS protocol.
> For example "lynx https://mojolicious.org" gives the following output :

Indeed, thanks for the bug report.

Here's the English variant of the error message:

$ lynx https://mojolicious.org

Looking up mojolicious.org
Making HTTPS connection to mojolicious.org
Verified connection to mojolicious.org (subj=mojolicious.org)
Certificate issued by: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO
CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2
Secure 256-bit TLS1.3 (ECDHE_RSA_AES_256_GCM_SHA384) HTTP connection
Sending HTTP request.
HTTP request sent; waiting for response.
Alert!: Unexpected network read error; connection aborted.
Can't Access `https://mojolicious.org/'
Alert!: Unable to access document.

lynx: Can't access startfile 

links2, elinks and w3m in Debian Unstable seem to be able to connect
to https://mojolicious.org/ without issues.

I first thought, it might be a GnuTLS vs OpenSSL issue, but elinks is
linked against GnuTLS like Lynx.

"gnutls-cli -p 443 mojolicious.org" doesn't seem to have an issue
either.

Given that mojolicious.org is hosted on Cloudflare, I assume that this
affects most cloudflare-hosted sites.

According to the upstream bug report, this seems to affect all TLS 1.3
offering servers:
http://lists.gnu.org/archive/html/lynx-dev/2018-12/msg00009.html

There is also mentioned that gmail.com is another case.

		Regards, Axel
-- 
 ,''`.  |  Axel Beckert <abe at debian.org>, https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-    |  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE