Stuart Henderson <stu <at> spacehopper.org> writes: > On 2012-11-18, Rodolfo Gouveia <rgouveia <at> cosmico.net> wrote: > > On Fri, Nov 16, 2012 at 08:23:40PM +0000, Rodolfo Gouveia wrote: > >> Hello, > >> It seems that https://www.prelude-ids.org doesn't play well with > >> the ftp(1). > > One thing I noticed is that if I connect with openssl s_client and > make a GET or HEAD request using the HOST header, this server does a > renegotiation. [...]
Found another site hitting this; https://issues.asterisk.org/. Just like prelude-ids.org, this one renegotiates as soon as you send a GET/HEAD with a HOST header. $ openssl s_client -connect issues.asterisk.org:443 [...] Start Time: 1364503452 Timeout : 300 (sec) Verify return code: 20 (unable to get local issuer certificate) --- GET /jira/ HTTP/1.0 HOST: issues.asterisk.org depth=1 C = US, O = "GeoTrust, Inc.", CN = RapidSSL CA verify error:num=20:unable to get local issuer certificate verify return:0 read R BLOCK HTTP/1.1 302 Moved Temporarily Date: Thu, 28 Mar 2013 20:44:18 GMT [...] Responses to "ftp -o- https://issues.asterisk.org/jira/browse/ASTERISK-21207"; vary between ftp: Improper response from issues.asterisk.org Segmentation fault (core dumped) ftp: Error retrieving file: Inc.1^T0^R^F<...bunch of data from the new cert..>
