Welcome! Log In Create A New Profile

Advanced

Re: Bug re: openssl-1.0.1

Peter Fraser
January 12, 2015 11:00AM
Sorry for taking so long to reply. I am running FreeBSD 10.1 RELEASE and it
is Openssl version is OpenSSL 1.0.1j and I installed it from the ports tree
(source).

Regards

On Tue, Jan 6, 2015 at 4:56 PM, Lukas Tribus <luky-37@hotmail.com> wrote:

> > Hi. Thanks for replying.
> > I read it in two places. Here are the links.
> > 1.
> >
> http://serverfault.com/questions/436737/forcing-a-particular-ssl-protocol-for-an-nginx-proxying-server
> > 2.
> >
> http://w3facility.org/question/forcing-a-particular-ssl-protocol-for-an-nginx-proxying-server/
> >
> > The full error is this: peer closed connection in SSL handshake while
> > SSL handshaking, client: <client_IP>, server: <Server_FQDN> request:
> > "POST
> >
> /Microsoft-Server-ActiveSync?Cmd=Ping&User=<domain>%5C<user_name>&DeviceId=SEC090121863242D&DeviceType=SAMSUNGSMT800
> > HTTP/1.1", upstream:
> > "https://SERVER_IP:443/Microsoft-Server-ActiveSync?Cmd=Ping&User=
> <DOMAIN>%5C<USER_NAME>&DeviceId=SAMSUNGSGHI337",
> > host: "<SERVER_FQDN>"
> >
> > produced with debugging enabled.
> >
> >
> > If I run openssl s_client -connect <SERVER_IP:443 I get:
> > CONNECTED(00000003)
> > 675508300:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
> >
> failure:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_lib.c:184:
> > [...]
> > If I run openssl s_client -connect <SERVER_IP:443 -SSL3 the connection
> > works but it won't work from nginx even when I enable SSLv3.
>
> Ok, so you are running in this particular bug. However, its supposed to be
> fixed a very long time ago, in openssl 1.0.1b.
>
> I guess are running with an nginx executable from a third party, that has
> been linked to an older release of openssl.
>
> What OS/kernel/nginx/openssl release are you running exactly and how
> did you install it (for example did you install openssl and nginx via
> apt-get from original ubuntu repositoriers, or did you install from nginx
> repository or from source)?
>
>
>
> Lukas
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Bug re: openssl-1.0.1

Peter Fraser January 06, 2015 04:40PM

RE: Bug re: openssl-1.0.1

Lukas Tribus January 06, 2015 05:10PM

Re: Bug re: openssl-1.0.1

Peter Fraser January 06, 2015 05:48PM

RE: Bug re: openssl-1.0.1

Lukas Tribus January 06, 2015 07:58PM

RE: Bug re: openssl-1.0.1

Lukas Tribus January 06, 2015 08:14PM

Re: Bug re: openssl-1.0.1

Peter Fraser January 12, 2015 12:22PM

RE: Bug re: openssl-1.0.1

Lukas Tribus January 12, 2015 12:58PM

Re: Bug re: openssl-1.0.1

Peter Fraser January 12, 2015 04:20PM

Re: Bug re: openssl-1.0.1

Peter Fraser January 12, 2015 11:00AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 111
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready