cURL
Haxx ad
libcurl
Mailing Lists

curl's project page on SourceForge.net

Sponsors:
Haxx

cURL > Mailing List > Monthly Index > Single Mail

curl-tracker Archives

[ curl-Bugs-3395520 ] SSL23_GET_SERVER_HELLO when connecting to OpenSSL 1.0.0

From: SourceForge.net <noreply_at_sourceforge.net>
Date: Sun, 21 Aug 2011 14:13:35 +0200

Bugs item #3395520, was opened at 2011-08-21 02:09
Message generated for change (Comment added) made by bagder
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=3395520&group_id=976

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: https
Group: wrong behaviour
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Jan-E (jan-e)
Assigned to: Daniel Stenberg (bagder)
Summary: SSL23_GET_SERVER_HELLO when connecting to OpenSSL 1.0.0

Initial Comment:
Same behaviour as in the closed bug 3165773.

Additional info: fails when connectiing to https://www.domain.tld, but connects correctly to https://domain.tld

E:\utils>curl --version
curl 7.19.4 (i386-pc-win32) libcurl/7.19.4 OpenSSL/0.9.8j zlib/1.2.3 libidn/1.11 libssh2/1.0
Protocols: tftp ftp telnet dict ldap http file https ftps scp sftp
Features: IDN Largefile NTLM SSL SSPI libz

E:\utils>curl -k -I https://sessionportal.net/
HTTP/1.1 200 OK
Date: Sat, 20 Aug 2011 23:59:23 GMT
Server: Apache/2.2.19 (Win32) DAV/2 mod_fcgid/2.3.6 mod_ssl/2.2.19 OpenSSL/1.0.0d PHP/5.3.6
[snip]

E:\utils>curl -k -I https://www.sessionportal.net/
curl: (35) error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)

----------------------------------------------------------------------

>Comment By: Daniel Stenberg (bagder)
Date: 2011-08-21 14:13

Message:
Still, I can't reproduce this. (I don't have or use windows.) This needs to
be debugged and researched further by someone who can reproduce it.

To me it looks much more like an OpenSSL on Windows problem rather than a
curl problem...

----------------------------------------------------------------------

Comment By: Jan-E (jan-e)
Date: 2011-08-21 13:46

Message:
Same effect with the 7.21.7 build
http://www.gknw.de/mirror/curl/win32/curl-7.21.7-ssh2-ssl-sspi-zlib-idn-static-bin-w32.7z
dated 28-Jun-2011 02:00

D:\zip\curl7217>curl --version
curl 7.21.7 (i386-pc-win32) libcurl/7.21.7 OpenSSL/0.9.8r zlib/1.2.5
libidn/1.18 libssh2/1.2.8
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s
rtsp scp sftp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IDN Largefile NTLM SSL SSPI libz

D:\zip\curl7217>curl -k -I https://www.sessionportal.net/
curl: (35) error:14077458:SSL
routines:SSL23_GET_SERVER_HELLO:reason(1112)

----------------------------------------------------------------------

Comment By: Jan-E (jan-e)
Date: 2011-08-21 13:38

Message:
Downloaded another win32 build from
http://www.gknw.de/mirror/curl/win32/old_releases/curl-7.21.1-ssh2-ssl-sspi-zlib-idn-static-bin-w32.7z

Same effect:
D:\zip\curl721>curl --version
curl 7.21.1 (i386-pc-win32) libcurl/7.21.1 OpenSSL/0.9.8o zlib/1.2.5
libidn/1.18 libssh2/1.2.7
Protocols: dict file ftp ftps http https imap imaps ldap pop3 pop3s rtsp
scp sftp smtp smtps telnet tftp
Features: AsynchDNS IDN Largefile NTLM SSL SSPI libz

D:\zip\curl721>curl -k -I https://sessionportal.net/
HTTP/1.1 200 OK
Date: Sun, 21 Aug 2011 11:34:32 GMT
Server: Apache/2.2.19 (Win32) DAV/2 mod_fcgid/2.3.6 mod_ssl/2.2.19
OpenSSL/1.0.0d PHP/5.3.6
[snip]

D:\zip\curl721>curl -k -I https://www.sessionportal.net/
curl: (35) error:14077458:SSL
routines:SSL23_GET_SERVER_HELLO:reason(1112)

----------------------------------------------------------------------

Comment By: Jan-E (jan-e)
Date: 2011-08-21 13:13

Message:
I copied the subject from this closed bug:
https://sourceforge.net/tracker/index.php?func=detail&aid=3165773&group_id=976&atid=100976

The Apache server is running OpenSSL/1.0.0d, the client uses
OpenSSL/0.9.8j. I do not know if this causes the odd behaviour.

----------------------------------------------------------------------

Comment By: Daniel Stenberg (bagder)
Date: 2011-08-21 12:02

Message:
Your summary says you connect TO openssl 1.0.0, how can you tell? Did you
mean connecting WITH openssl 1.0.0?

I think there's more to it than "just" that version though:

$ curl -V
curl 7.21.7 (i486-pc-linux-gnu) libcurl/7.21.7 OpenSSL/1.0.0d zlib/1.2.3.4
libidn/1.22 libssh2/1.2.8 librtmp/2.3

$ curl -k -I https://www.sessionportal.net/
HTTP/1.1 200 OK
Date: Sun, 21 Aug 2011 10:00:38 GMT

(and it also works fine with my 7.22.0-dev version using the same OpenSSL
version)

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=3395520&group_id=976
Received on 2011-08-21

These mail archives are generated by hypermail.

donate! Page updated November 12, 2010.
web site info

File upload with ASP.NET