Hello, I found bug which prevents SSL connection to geocaching.com:443 using SSLv23. It times out just after Client hello. When I enforce SSLv3 no problem occurs. I found this behavior using curl and python-ssl library, both based on OpenSSL 1.0.1c, hence I consider OpenSSL library to be the cause.
$ curl -V curl 7.26.0 (x86_64-pc-linux-gnu) libcurl/7.26.0 OpenSSL/1.0.1c zlib/1.2.7 libidn/1.25 libssh2/1.4.1 librtmp/2.3 Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtmp rtsp scp sftp smtp smtps telnet tftp Features: Debug GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP $ curl -v https://www.geocaching.com/default/login.aspx * About to connect() to www.geocaching.com port 443 (#0) * Trying 66.150.167.189... * connected * Connected to www.geocaching.com (66.150.167.189) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * Unknown SSL protocol error in connection to www.geocaching.com:443 * Closing connection #0 curl: (35) Unknown SSL protocol error in connection to www.geocaching.com:443 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
