[Pkg-openssl-devel] Bug#683159: Bug#683159: [openssl] can't connect to hosts which allow only SSLv3
Kurt Roeckx
kurt at roeckx.be
Sun Jul 29 12:17:20 UTC 2012
On Sun, Jul 29, 2012 at 01:58:09PM +0200, Olivier Bonvalet wrote:
> On 29/07/2012 12:27, Kurt Roeckx wrote:
> > On Sun, Jul 29, 2012 at 12:02:41PM +0200, Olivier Bonvalet wrote:
> >> Package: openssl
> >> Version: 1.0.1c-3
> >> Severity: important
> >>
> >> --- Please enter the report below this line. ---
> >>
> >> I can't connect to hosts which allow only SSLv3 :
> >>
> >> $ openssl s_client -connect www.ovh.com:443
> > This also works:
> > openssl s_client -no_tls1_1 -connect www.ovh.com:443
> > [...]
> > Protocol : TLSv1
> >
> >> Note that *gnutls* is also affected, but browsers like Lynx, Iceweasel, Chromium or Empathy doesn't have any trouble.
> > Yes, the site you're talking to is broken. Nothing we can do
> > about that other than disable TLS > 1.1, or retry with it
> > disabled.
> >
> >
> > Kurt
> >
> >
>
> Thanks for the clarification Kurt. Just a question : why is it working from Debian Squeeze ? Is it because in Debian Squeeze TLS > 1.1 is not compatible ?
openssl only support TLS 1.1 since version 1.0.1, and squeeze has
a 0.9.8 version.
Kurt
More information about the Pkg-openssl-devel
mailing list