good day, fellow Tcl'ers
does anyone of you have experience with SSL/TLS on Tcl? A couple of
weeks ago I happily added to a project the ability of getting citations
through a DOI (Digital Object Identification) resolver and serve them
with a Rivet web service and Ajax to the clients. It was really cool.
Yesterday it stopped working with this protocol handshake error
error flushing "sock55f49a92e3e0": connection reset by peer
while evaluating {source doi.tcl }
SSL channel "sock55f49a92e3e0": error: sslv3 alert handshake failure
As a matter of fact it stopped working outside Rivet and on every
machine I could test it on (suggesting something had changed on the
server side). This a simple standalone test script
package require http
package require tls
::http::register https 443 [list ::tls::socket -ssl3 false \
-ssl2 false \
-tls1 true]
set doi "https://dx.doi.org/10.1073/pnas.0910249107";
set token [::http::geturl $doi -headers "Accept application/x-bibtex"]
The error occurs with both tls 1.6 and 1.7 (the latter has SSL3
disabled by default). I gather from what I read on the internet that
debugging SSL/TLS negotiations is often hard and error messages are
often misleading. This might be the case because ssl3 is disabled.
Furthermore testing the resolver with curl works as expected, so at the
moment I'm clueless.
really disappointing. Any suggestion?
-- Massimo
Firma il tuo 5 per mille all’Università di Parma e aiuta così i nostri studenti
che vogliono realizzare un’esperienza di studio all’estero - Indica 00308780345
nella tua denuncia dei redditi.
