[Pkg-openssl-devel] Bug#683159: Bug#683159: [openssl] can't connect to hosts which allow only SSLv3

Kurt Roeckx kurt at roeckx.be
Sun Jul 29 10:27:27 UTC 2012


On Sun, Jul 29, 2012 at 12:02:41PM +0200, Olivier Bonvalet wrote:
> Package: openssl
> Version: 1.0.1c-3
> Severity: important
> 
> --- Please enter the report below this line. ---
> 
> I can't connect to hosts which allow only SSLv3 :
> 
> $ openssl s_client -connect www.ovh.com:443

This also works:
openssl s_client -no_tls1_1 -connect www.ovh.com:443
[...]
    Protocol  : TLSv1

> Note that *gnutls* is also affected, but browsers like Lynx, Iceweasel, Chromium or Empathy doesn't have any trouble.

Yes, the site you're talking to is broken.  Nothing we can do
about that other than disable TLS > 1.1, or retry with it
disabled.


Kurt



More information about the Pkg-openssl-devel mailing list