[Pkg-openssl-devel] Bug#680137: Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)

Kurt Roeckx kurt at roeckx.be
Tue Jul 3 22:21:52 UTC 2012


On Wed, Jul 04, 2012 at 12:14:18AM +0200, Clement Hermann (nodens) wrote:
> Le 03/07/2012 23:54, Kurt Roeckx a écrit :
> >On Tue, Jul 03, 2012 at 11:29:26PM +0200, Clement Hermann (nodens) wrote:
> >>Package: libssl1.0.0
> >>Version: 1.0.1c-3
> >>Severity: normal
> >>
> >>Hi,
> >>
> >>I've been having trouble connecting to a SSL-enabled ircd (ircd-hybrid-7.2.3nb3
> >>IRC server with many options, on netbsd 6.0_beta2). I use irssi, but did all my
> >>tests with openssl s_client to be sure.
> >>
> >>The connexion works with libssl1.0.0h, but every later version fails with the
> >>error "wrong cipher". What's funny is that if I force the cipher that would
> >>have been chosen with 1.0.0h when using 1.0.1, I can connect.
> >>
> >>Also, FWIW, it is working on ubuntu 12.4 (openssl 1.0.1).
> >Do you know what ssl implementation and version is running on the
> >other side?  Is there some firewall or ssl accelerator in between
> >or something?
> >
> >I'm not sure what hybrid supports for ssl libraries, and the
> >Debian package doesn't seem to be build with ssl enabled.
> >
> The server is running on netbsd 6. I asked the admin, and openssl
> version returns :
> OpenSSL 1.0.1-stable 05 Jun 2011
> 
> a ldd on ircd returns -lssl.9 => /usr/lib/libssl.so.9 though.

Can you try:
strings /usr/lib/libssl.so.9 |grep OpenSSL



Kurt






More information about the Pkg-openssl-devel mailing list