[Pkg-openssl-devel] Bug#665452: Bug#665452: libssl1.0.0: breaks HTTPS download of some sites (eg. https://sourceforge.net)
Kurt Roeckx
kurt at roeckx.be
Sat Mar 24 11:39:03 UTC 2012
On Sat, Mar 24, 2012 at 12:23:37PM +0100, Bastian Kleineidam wrote:
> Package: libssl1.0.0
> Version: 1.0.1-2
> Severity: important
>
> Hi,
>
> installing the newest version breaks curl (and other download tools
> using libssl like perl GET) on https://sourceforge.net/
> Downgrading to 1.0.0h solves the problem.
>
> Attached are curl --trace outputs with version 1.0.0h and 1.0.1.
>
> Since the SSL error message is not very helpful, I could not match
> this problem to any of the existing bugs.
> So feel free to ask for more info about this.
I can reproduce it, and it doesn't make much sense to me at this
time. sourceforge just doesn't seem to reply.
The biggest change in 1.0.1 is that it supports TLS 1.1 and 1.2.
But using s_client with -no_tls1_1 -no_tls1_2 still doesn't get
me a connection.
On the other hand "gnutls-cli sourceforge.net" does work as
expected.
And forcing an SSL3 or TLS1 connection using s_client also works.
So I think someone at sourceforge will have to take a look at this.
Kurt
More information about the Pkg-openssl-devel
mailing list