[Pkg-openssl-devel] Bug#665452: Bug#665452: Bug#665452: libssl1.0.0: breaks HTTPS download of some sites (eg. https://sourceforge.net)
Kurt Roeckx
kurt at roeckx.be
Sat Apr 21 12:48:25 UTC 2012
On Sun, Mar 25, 2012 at 04:01:13AM +0200, Kurt Roeckx wrote:
>
> That bug report mentions owa.mit.edu, which also responds with:
> Server: BigIP
So Derek Poon reported this:
| We run a site that uses the F5 Networks BIG-IP load balancer, and
| OpenSSL 1.0.1 triggers this bug on the load balancer. When it
| occurs, the load balancer neither forwards the request to a pool
| member, nor does it respond to the OpenSSL client. There are
| warning messages in the load balancer's /var/log/ltm file:
| warning tmm[5313]: 012f0002:4: WARN at ../modules/hudproxy/bigproto/pva/pva_frames.c:1234:Received illegal header padding 100 versus 2ff
| Working with F5 Networks tech support, we have determined that
| this is a known issue, which they track as Bug 376483. It is
| fixed in the recently released BIG-IP LTM 10.2.4 software, though
| it is not mentioned in their release notes, and I confirm that TLS
| 1.2 connections no longer hang after upgrading to 10.2.4.
Kurt
More information about the Pkg-openssl-devel
mailing list