Hi, On Wed, 28 Aug 2024 13:45:04 +0200 Theo Buehler <t...@theobuehler.org> wrote:
> > Certainly. Ideally this should not crash Dillo, no matter how > > obscure. > > What crashes dillo? Opening https://narkive.com crashes Dillo for me, It doesn't happen on any other sites: Nav_open_url: new url='https://narkive.com' Dns_server [0]: narkive.com is 149.248.211.108 Connecting to 149.248.211.108:443 TLS connect error: "an EOF was observed that violates the protocol" Tls_close_by_key: Avoiding SSL shutdown for: https://narkive.com fd 9 is done and failed dillo(84242) in free(): write to free mem 0xb5efb754c40[24..31]@32 gdb: Program received signal SIGABRT, Aborted. thrkill () at /tmp/-:2 2 /tmp/-: No such file or directory. in /tmp/- > > I don't know why it shows that version number instead of the latest > > one, this is a fresh install of a recent snapshot. > > It's a bit unfortunate, but the development release on current openbsd > snapshots still has 3.9.0 as the version number. It's complicated... > The short story is that we can't crank to 4.0.0 because it would break > the build of some important ports (e.g., rust). Thank you for clarifying this. > > $ ftp https://narkive.com/test > > Trying 149.248.211.108... > > TLS handshake failure: handshake failed: unexpected EOF > > I don't see this: > > $ ftp https://narkive.com/test > Trying 149.248.211.108... > Requesting https://narkive.com/test > ftp: Error retrieving https://narkive.com/test: 404 Not Found > $ nc -cvz narkive.com 443 > Connection to narkive.com (149.248.211.108) 443 port [tcp/https] > succeeded! TLS handshake negotiated TLSv1.3/TLS_AES_128_GCM_SHA256 > with host narkive.com Peer name: narkive.com > Subject: /CN=narkive.com > Issuer: /C=US/O=Let's Encrypt/CN=R11 > Valid From: Fri Jul 26 06:13:58 2024 > Valid Until: Thu Oct 24 06:13:57 2024 > Cert Hash: > SHA256:456275146f4b2e65c16d2432ff87917a4501ddb41dcb158195255c5995abbbf1 > OCSP URL: http://r11.o.lencr.org > > This looks all good from here. My nc output matches yours, but ftp still gets the handshake failure. Maybe it's something network specific on my end? But like I mentioned, an older OpenBSD system on my network with LibreSSL 3.6.0 does not have an issue with that site. I disabled pf just in case, but to no avail. I'm open to any clues on how to diagnose this! Regards, Alex _______________________________________________ Dillo-dev mailing list -- dillo-dev@mailman3.com To unsubscribe send an email to dillo-dev-le...@mailman3.com
