[Pkg-openssl-devel] Bug#680137: Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)

Clement Hermann (nodens) clement.hermann at free.fr
Tue Jul 3 22:31:29 UTC 2012


Le 04/07/2012 00:14, Clement Hermann (nodens) a écrit :
>
> The server is running on netbsd 6. I asked the admin, and openssl 
> version returns :
> OpenSSL 1.0.1-stable 05 Jun 2011
>
> a ldd on ircd returns -lssl.9 => /usr/lib/libssl.so.9 though.
>
>

I made a few more tests, and it seems to sometimes work with openssl 
s_client -tls1_1. But when it works, I need to stop trying for 10s or 
so, or it will never work again. The same thing happens with -cipher 
AES256 (but it could be some kind of entropy issue on the server).

However, it never works without specifying either the protocol or the 
cipher. I let irssi try for 2 days before trying to downgrade libssl 
(several minutes between tries).

Hope that helps,

-- 
Clement Hermann (nodens)
- "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?"
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.






More information about the Pkg-openssl-devel mailing list