So initial testing shows that this is actually a problem with OpenSSL,
or at least, it is OpenSSL refusing to connect to these servers:
(natty-amd64)r...@clint-macbookpro:/home/clint/pkg/php5/bzr/natty-php-ssl-fix#
openssl s_client -host cas.ucdavis.edu -port 443
CONNECTED(00000003)
1787:error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert unexpected
message:s23_clnt.c:602:
(natty-amd64)r...@clint-macbookpro:/home/clint/pkg/php5/bzr/natty-php-ssl-fix#
openssl s_client -host server.db.kvk.nl -port 443
CONNECTED(00000003)
1788:error:1407741A:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert decode
error:s23_clnt.c:602:
The condition to reach that error is:
else if ((p[0] == SSL3_RT_ALERT) &&
(p[1] == SSL3_VERSION_MAJOR) &&
((p[2] == SSL3_VERSION_MINOR) ||
(p[2] == TLS1_VERSION_MINOR)) &&
(p[3] == 0) &&
(p[4] == 2))
So it seems if the SSL version is 3, or we're using tlsv1, the code is
triggered (602 is later).
Still investigating, but I am adding an OpenSSL bug task.
** Also affects: openssl (Ubuntu)
Importance: Undecided
Status: New
** Changed in: openssl (Ubuntu)
Status: New => In Progress
** Changed in: openssl (Ubuntu)
Assignee: (unassigned) => Clint Byrum (clint-fewbar)
--
fopen fails on some SSL urls
https://bugs.launchpad.net/bugs/592442
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
