[Bug 965371] Re: HTTPS requests fail on some sites on Ubuntu 12.04
Pablo Almeida
965371 at bugs.launchpad.net
Fri Mar 30 21:27:49 UTC 2012
Hey! After the update that introduced the workaround, my python program
(which uses mediafire) works again, even though the openssl command doesn't
yet.
2012/3/30 Colin Watson <cjwatson at canonical.com>
> I've uploaded upstream's suggested workaround for most of the problems
> here. It isn't complete, and in particular it doesn't deal with the
> server in the bug description (see the Debian bug for a categorisation
> of the problems here), which is why I've left this bug open at a lowered
> importance.
>
> openssl (1.0.1-2ubuntu3) precise; urgency=low
>
> * Temporarily work around TLS 1.2 failures as suggested by upstream
> (LP #965371):
> - Use client version when deciding whether to send supported signature
> algorithms extension.
> - Experimental workaround to large client hello issue: if
> OPENSSL_NO_TLS1_2_CLIENT is set then TLS v1.2 is disabled for clients
> only.
> - Compile with -DOPENSSL_NO_TLS1_2_CLIENT.
> This fixes most of the reported problems, but does not fix the case of
> servers that reject version numbers they don't support rather than
> trying to negotiate a lower version (e.g. www.mediafire.com).
>
> -- Colin Watson <cjwatson at ubuntu.com> Fri, 30 Mar 2012 17:11:45 +0100
>
> ** Changed in: openssl (Ubuntu Precise)
> Importance: High => Medium
>
> ** Changed in: openssl (Ubuntu Precise)
> Status: Confirmed => Triaged
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/965371
>
> Title:
> HTTPS requests fail on some sites on Ubuntu 12.04
>
> Status in OpenSSL cryptography and SSL/TLS toolkit:
> Confirmed
> Status in “openssl” package in Ubuntu:
> Triaged
> Status in “openssl” source package in Precise:
> Triaged
> Status in “openssl” package in Debian:
> New
>
> Bug description:
> This week, HTTPS connections from a Python script I wrote started
> giving me this error:
>
> urllib2.URLError: <urlopen error [Errno 8] _ssl.c:497: EOF occurred in
> violation of protocol>
>
> This used to work up until some three days ago and still works on
> other Ubuntu versions, but not in other Python versions on Precise. I
> was suspecting this was a bug in Python, but a guy on AskUbuntu (
> http://askubuntu.com/questions/116020/python-https-requests-urllib2
> -to-some-sites-fail-on-ubuntu-12-04-without-proxy/116059#116059 )
> found out this happens using the openssl command line tool too:
>
> $ openssl s_client -connect www.mediafire.com:443
>
> But succeeds if forcing TLS 1 with the -tls1 argument.
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/openssl/+bug/965371/+subscriptions
>
--
Pablo Almeida
http://www.google.com/profiles/pabloalmeidaff9
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/965371
Title:
HTTPS requests fail on some sites on Ubuntu 12.04
Status in OpenSSL cryptography and SSL/TLS toolkit:
Confirmed
Status in “openssl” package in Ubuntu:
Triaged
Status in “openssl” source package in Precise:
Triaged
Status in “openssl” package in Debian:
New
Bug description:
This week, HTTPS connections from a Python script I wrote started
giving me this error:
urllib2.URLError: <urlopen error [Errno 8] _ssl.c:497: EOF occurred in
violation of protocol>
This used to work up until some three days ago and still works on
other Ubuntu versions, but not in other Python versions on Precise. I
was suspecting this was a bug in Python, but a guy on AskUbuntu (
http://askubuntu.com/questions/116020/python-https-requests-urllib2
-to-some-sites-fail-on-ubuntu-12-04-without-proxy/116059#116059 )
found out this happens using the openssl command line tool too:
$ openssl s_client -connect www.mediafire.com:443
But succeeds if forcing TLS 1 with the -tls1 argument.
To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/965371/+subscriptions
More information about the foundations-bugs
mailing list