422081 – fails to connect to SSL server

Bug 422081 - fails to connect to SSL server

Summary: fails to connect to SSL server

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	openssl
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Tomas Mraz
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2007-12-12 17:27 UTC by Jeremy Katz
Modified:	2007-12-13 17:19 UTC (History)
CC List:	1 user (show)
Fixed In Version:	openssl-0.9.8g-3
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-12-13 17:19:59 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Jeremy Katz 2007-12-12 17:27:19 UTC

Since updating to openssl-0.9.8, xchat-gnome can't connect to SSL servers anymore.

  Connection failed. Error: (336151568) error:14094410:SSL 
  routines:SSL3_READ_BYTES:sslv3 alert handshake failure

Comment 1 Tomas Mraz 2007-12-12 18:45:16 UTC

Can openssl s_client connect to the servers without problems?

Comment 2 Jeremy Katz 2007-12-12 18:57:51 UTC

Yep

Comment 3 Tomas Mraz 2007-12-12 21:18:58 UTC

And what about openssl s_client -ssl3 ?

Comment 4 Jeremy Katz 2007-12-12 21:26:52 UTC

Fails
CONNECTED(00000003)
12702:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake
failure:s3_pkt.c:1053:SSL alert number 40
12702:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake
failure:s3_pkt.c:530:

Comment 5 Jeremy Katz 2007-12-12 21:42:28 UTC

Public server that exhibits the behavior is mozilla's -- irc.mozilla.org:6697

Comment 6 Tomas Mraz 2007-12-13 17:19:59 UTC

Caused by sending tls ext in sslv3 client hello. The ssl server should tolerate
and ignore this but some apparently do not.

Note You need to log in before you can comment on or make changes to this bug.