[Bug 595415] Re: Curl (openssl) fails to open some https URLs with "illegal parameter" error
Adrien Nader
595415 at bugs.launchpad.net
Thu May 11 15:51:51 UTC 2023
I'm going to mark this as Fix Released due to the message above even
though I wasn't able to try to reproduce today (due to so many things
having changed since 2012).
** Changed in: openssl (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/595415
Title:
Curl (openssl) fails to open some https URLs with "illegal parameter"
error
Status in curl package in Ubuntu:
Incomplete
Status in openssl package in Ubuntu:
Fix Released
Bug description:
Binary package hint: curl
Some HTTPS urls cause curl to fail with an "illegal parameter" error.
This error goes away if you manually specify "--sslv3"
e.g.
$ curl --version
curl 7.19.7 (x86_64-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15
Protocols: tftp ftp telnet dict ldap ldaps http file https ftps
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz
$ curl https://www.orange.sk/
curl: (35) error:14077417:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert illegal parameter
$ curl --sslv3 https://www.orange.sk/
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="sk" lang="sk">
...etc
This is particularly problematic if using an application which uses
libcurl, but does not allow setting of the --sslv3 flag, e.g. nagios's
check_http utility.
This redhat bug https://bugzilla.redhat.com/show_bug.cgi?id=525496
appears to describe the same problem, and has a patch
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/curl/+bug/595415/+subscriptions
More information about the foundations-bugs
mailing list