On Fri, Aug 24, 2018 at 10:27:16AM +0000, Damyan Ivanov wrote: > -=| Kurt Roeckx, 23.08.2018 22:32:13 +0200 |=- > > Note that the SIGPIPE issue is probably a known upstream issue > > that still needs to be fixed, we're at least still working on a > > SIGPIPE issue. > > > > But that does not mean that the other issues in libnet-ssleay-perl > > should not get fixed. > > I tried applying all the patches from the fedora package of > Net-SSLeay, and it didn't help much. > > It was mentioned in the upstream ticket that an additional fix is > needed on libssl side, see > https://bugzilla.redhat.com/show_bug.cgi?id=1615098 > > The reproducer from there fails with 1.1.1~~pre9-1 from unstable. > > Does this seem like something that needs to be fixed on the openssl > side?
This is something that should get fixed in whatever calls TLSv1_method(). You should never call that function. It's also been deprecated. The problem is that TLSv1_method() only supports TLS 1.0, and the default config now says that TLS 1.2 is the minimum verison. You should either use SSLv23_method() or TLS_method(), which support all protocol versions that are enabled. Kurt