[Pkg-openssl-devel] Bug#665452: Bug#665452: Bug#665452: openssl: 'upgrade' also breaks https://www.paypal.com
Louis-David Mitterrand
ldm at apartia.fr
Wed Mar 28 07:03:01 UTC 2012
On Tue, Mar 27, 2012 at 09:52:57PM +0200, Kurt Roeckx wrote:
> On Tue, Mar 27, 2012 at 09:39:50PM +0200, Kurt Roeckx wrote:
> >
> > Anyway, there seems to be 3 different problems:
> > - Servers that report BigIP as server. They don't reply to
> > ClientHello requests that are bigger than 255 bytes. Examples
> > include sourceforge.net and owa.mit.edu.
> > - Servers that don't tolerate verion numbers they don't support
> > while they are supposed to negiotate a lower version. Examples
> > include boekhuis.nl
> > - paypal which currently isn't clear what the problem really is,
> > it seems to support TLS1.2, but reacts weird to 1.1.
>
> So paypal really also seems to be the first case type, but acting
> a little weird.
Just to add some context to the paypal problem: many scripting languages
use openssl and so this breaks the paypal payment API for any website
using these languages (in my case perl).
More information about the Pkg-openssl-devel
mailing list