Doug Barton <dougb_at_FreeBSD.org> wrote: > On 07/13/2012 21:21, Jan Beich wrote: > > It seems recent OpenSSL update broke fetch(1) for me. > > > > $ diff -u $SRC_BASE/crypto/openssl/apps/openssl.cnf /etc/ssl/openssl.cnf > > $ fetch https://foo/bar > > fetch: https://foo/bar: Authentication error > > > > Same error as with the patch for 1.0.0d from a year ago and > > same workaround - s/SSLv23_client_method/SSLv3_client_method/. > > FWIW, I have a gcc world and I'm not seeing this problem with r238444: > > fetch https://www.isc.org/ > fetch: https://www.isc.org/: size of remote file is not known > fetch.out 33 kB 227 kBps I have a gcc world too, but while https://www.isc.org/ worked for me as well, using others I got the same behaviour as Jan: fk_at_r500 ~ $fetch -o /dev/null https://lists.sourceforge.net fetch: https://lists.sourceforge.net: Authentication error For some I got an additional error message: fk_at_r500 ~ $fetch -o /dev/null https://www.google.com 34382938280:error:1408D07B:SSL routines:SSL3_GET_KEY_EXCHANGE:bad signature:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s3_clnt.c:1811: fetch: https://www.google.com: Authentication error Letting libfetch use SSLv3_client_method instead of SSLv23_client_method as suggested worked around the issue for me as well. Fabian
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:29 UTC