Public bug reported:
Package version: 1.0.1-4ubuntu5.25
Recently one of my IRC networks changed to TLSv1.2 only and I was unable
to connect. The version of OpenSSL in precise appears to have problems
connecting to servers that only accept TLSv1.2.
ZNC:
<*status> Disconnected from IRC (error:14077410:SSL
routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure). Reconnecting...
irssi:
22:15 -!- Irssi: warning SSL handshake failed: sslv3 alert handshake failure
22:15 -!- Irssi: Connection lost to irc.p2p-network.net
OpenSSL:
$ openssl s_client -connect irc.p2p-network.net:6697
CONNECTED(00000005)
139964049446560:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
handshake failure:s23_clnt.c:732:
Explicitly specifying TLSv1.2 works:
$ openssl s_client -connect irc.p2p-network.net:6697 -tls1_2
CONNECTED(00000005)
...
New, TLSv1/SSLv3, Cipher is AES256-GCM-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : AES256-GCM-SHA384
In vivid (openssl 1.0.1f-1ubuntu11):
$ openssl s_client -connect irc.p2p-network.net:6697
CONNECTED(00000003)
...
New, TLSv1/SSLv3, Cipher is AES256-GCM-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : AES256-GCM-SHA384
** Affects: openssl (Ubuntu)
Importance: Undecided
Status: New
** Tags: precise
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1442970
Title:
Connecting to TLSv1.2 only servers fails without explicitly specifying
protocol
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1442970/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
