On 2020/01/31 23:03, Stuart Henderson wrote: > On 2020/01/31 21:24, Sven Wolf wrote: > > Hi, > > > > I run current. After I run sysupgrade today (GENERIC.MP #626 build Jan 30) > > it's not possible to run pkd_add. I always get the error > > TLS connect failure: failed to set session > > signify: gzheader truncated > > pkg_add runs ftp many times and tries to resume TLS sessions between calls > to reduce setup overhead. The failure is connected with this but is only > seen with some sites. <snip>
> Generally it is hard to debug these without access to the server (at > least to make an HTTPS connection if not actually fetch files) so it being > an internal server makes that hard. However I have found some other hosts > which also have the same symptom so hopefully this will help libressl > developers track it down. > > https://cloudflare.cdn.openbsd.org/pub/OpenBSD/ > https://mirrors.ucr.ac.cr/pub/OpenBSD/ > https://mirrors.dotsrc.org/pub/OpenBSD/ > https://mirror.one.com/pub/OpenBSD/ > https://openbsd.c3sl.ufpr.br/pub/OpenBSD/ These all run TLS 1.3. The ones I ran through ssllabs checker all support session resumption as well (I didn't do all of them because it's takes forever :). > And there's a bonus "SSL_internal:unknown failure occurred" at > > https://mirror.vdms.com/pub/OpenBSD/ >
