[Pkg-openssl-devel] Bug#680137: Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)

Clement Hermann (nodens) clement.hermann at free.fr
Tue Jul 3 22:14:18 UTC 2012


Le 03/07/2012 23:54, Kurt Roeckx a écrit :
> On Tue, Jul 03, 2012 at 11:29:26PM +0200, Clement Hermann (nodens) wrote:
>> Package: libssl1.0.0
>> Version: 1.0.1c-3
>> Severity: normal
>>
>> Hi,
>>
>> I've been having trouble connecting to a SSL-enabled ircd (ircd-hybrid-7.2.3nb3
>> IRC server with many options, on netbsd 6.0_beta2). I use irssi, but did all my
>> tests with openssl s_client to be sure.
>>
>> The connexion works with libssl1.0.0h, but every later version fails with the
>> error "wrong cipher". What's funny is that if I force the cipher that would
>> have been chosen with 1.0.0h when using 1.0.1, I can connect.
>>
>> Also, FWIW, it is working on ubuntu 12.4 (openssl 1.0.1).
> Do you know what ssl implementation and version is running on the
> other side?  Is there some firewall or ssl accelerator in between
> or something?
>
> I'm not sure what hybrid supports for ssl libraries, and the
> Debian package doesn't seem to be build with ssl enabled.
>
The server is running on netbsd 6. I asked the admin, and openssl 
version returns :
OpenSSL 1.0.1-stable 05 Jun 2011

a ldd on ircd returns -lssl.9 => /usr/lib/libssl.so.9 though.


-- 
Clement Hermann (nodens)
- "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?"
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.






More information about the Pkg-openssl-devel mailing list