Bug 422081

Summary: fails to connect to SSL server
Product: [Fedora] Fedora Reporter: Jeremy Katz <katzj>
Component: opensslAssignee: Tomas Mraz <tmraz>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: tmraz
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: openssl-0.9.8g-3 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-12-13 17:19:59 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jeremy Katz 2007-12-12 17:27:19 UTC 
Since updating to openssl-0.9.8, xchat-gnome can't connect to SSL servers anymore.

  Connection failed. Error: (336151568) error:14094410:SSL 
  routines:SSL3_READ_BYTES:sslv3 alert handshake failure
Comment 1 Tomas Mraz 2007-12-12 18:45:16 UTC 
Can openssl s_client connect to the servers without problems?
Comment 2 Jeremy Katz 2007-12-12 18:57:51 UTC 
Yep
Comment 3 Tomas Mraz 2007-12-12 21:18:58 UTC 
And what about openssl s_client -ssl3 ?
Comment 4 Jeremy Katz 2007-12-12 21:26:52 UTC 
Fails
CONNECTED(00000003)
12702:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake
failure:s3_pkt.c:1053:SSL alert number 40
12702:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake
failure:s3_pkt.c:530:
Comment 5 Jeremy Katz 2007-12-12 21:42:28 UTC 
Public server that exhibits the behavior is mozilla's -- irc.mozilla.org:6697
Comment 6 Tomas Mraz 2007-12-13 17:19:59 UTC 
Caused by sending tls ext in sslv3 client hello. The ssl server should tolerate
and ignore this but some apparently do not.