NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

lib/46878: connection to some https site using openssl causes freeze

>Number:         46878
>Category:       lib
>Synopsis:       connection to some https site using openssl causes freeze
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Aug 30 16:05:01 +0000 2012
>Originator:     Ryo ONODERA
>Release:        NetBSD 6.99.10
System: NetBSD 6.99.10 NetBSD 6.99.10 (GENERIC) 
#3: Thu Aug 30 21:58:31 JST 2012
Architecture: i386
Machine: i386
% openssl s_client -connect
WARNING: can't open config file: /etc/openssl/openssl.cnf

I had reported to current-users@ about one year ago.

OpenSSL 1.0.1c resolves some connection to https sites,
but I cannot connect to, for example, properly.
This problem prevents net/nicovideo-dl use on NetBSD current and 6.0.

Original problem is mixture of some problems.
If I can analyse it correctly, the problem of
 is caused from TLS 1.2 isdefault trial of openssl 1.0.1c
(thank you, Matthias Drochner).

With the patch in Fix: section, nicovideo-dl works well,
and connection to some erroneous sites with www/w3m also works well,
for example,

Run the following command on NetBSD current of today, or 6.0_RC1.
% openssl s_client -connect

I have no idea about correct place for definition of OPENSSL_NO_TLS1_2_CLIENT.
The following patch works well.

Index: Makefile.openssl
RCS file: /cvsroot/src/crypto/Makefile.openssl,v
retrieving revision 1.10
diff -u -r1.10 Makefile.openssl
--- Makefile.openssl    23 Sep 2009 04:02:28 -0000      1.10
+++ Makefile.openssl    30 Aug 2012 15:45:34 -0000
@@ -9,5 +9,6 @@
 CPPFLAGS+=     -DOPENSSLDIR=\"/etc/openssl\"
 CPPFLAGS+=     -DENGINESDIR=\"/usr/lib/openssl\"


Home | Main Index | Thread Index | Old Index