On Fri May 03 18:52:49 2013, fromopen...@homelinkcs.com wrote: > With openssl 1.0.0j, I could connect to www.energydirect.com using: > > openssl s_client -connect www.energydirect.com:443 > > But since my distribution upgraded to 1.0.1c, that command just shows > "CONNECTED(00000003)", hangs for a while, then eventually outputs: > > write:errno=104 > --- > no peer certificate available > --- > No client certificate CA names sent > --- > SSL handshake has read 0 bytes and written 369 bytes > --- > New, (NONE), Cipher is (NONE) > Secure Renegotiation IS NOT supported > Compression: NONE > Expansion: NONE > --- > > > If the -tls1 switch is used the connection will work, but unless this > new > behavior is intentional, this appears to be a regression. Using -tls1 > is okay > for simple command-line use, but for higher level scripts which use > openssl > underneath, having to explicitly specify TLSv1 for this host is > problematic. > > This problem seems to still be present in the master and > OpenSSL_1_0_1-stable > git branchs. By bisecting, I found that this change appears to have > occured > with commit 9472baae. >
This is a known bug in some servers, see PR#2771 for more details. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org