Thanks for continued investigation. A reproducer would be valuable as it would allow me to verify independently the patch is effective, within the limits of the understanding of the situation of course and that can be especially time-consuming when not having access to the remote server. :/ A reproducer here can be along the lines of install ubuntu foo to get nginx bar, configure nginx with TLS and baz and use a given curl command. Right now it's difficult to say if you're missing something since I can't test by myself and compare. A reproducer is also going to be a required proof in practice for the change to be done in any past release.
Timeline-wise, either this change gets into 24.04 which is entering Feature Freeze today, or it will wait for the development cycle of 24.10 when openssl is updated to >= 3.2 (probably 3.3). Then only will it be possible to also backport this to 22.04 which I guess is the release you are interested in. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/2055304 Title: openssl 3.0.2 backport IgnoreUnexpectedEOF ssl config option from 3.2 Status in openssl package in Ubuntu: New Bug description: I get "Closing connection 0 curl: (35) error:0A000126:SSL routines::unexpected eof while reading" accessing some web servers. AFAIS "SSL_OP_IGNORE_UNEXPECTED_EOF" can help here. With 3.2[0] it can be configured in openssl.cnf, whereas 3.0[1] cannot. Would you mind to backport the mini patch[2] to be configured with 3.0, too? Example: $ tail -n 3 /etc/ssl/openssl.cnf [system_default_sect] CipherString = DEFAULT:@SECLEVEL=2 Options = IgnoreUnexpectedEOF [0] https://www.openssl.org/docs/man3.2/man3/SSL_CONF_cmd.html [1] https://www.openssl.org/docs/man3.0/man3/SSL_CONF_cmd.html [2] https://github.com/openssl/openssl/commit/51cf034433d528876f3c235c5150c5acfe88f24d To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2055304/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
