[Touch-packages] [Bug 1410989] Re: SSL_connect:unknown state

2015-01-14 Thread Circa Lucid 
These are my test cases and the final solution

user@test0:~$ uname -a
Linux test0 3.11.0-26-generic #45-Ubuntu SMP Tue Jul 15 04:02:06 UTC 2014 
x86_64 x86_64 x86_64 GNU/Linux
user@test0:~$ openssl version -a
OpenSSL 1.0.1e 11 Feb 2013
built on: Fri Jun 20 18:52:46 UTC 2014
platform: debian-amd64
options:  bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx)
compiler: cc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT 
-DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector 
--param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 
-Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall 
-DOPENSSL_NO_TLS1_2_CLIENT -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 
-DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM
OPENSSLDIR: /usr/lib/ssl
user@test0:~$ openssl s_client -CApath /etc/ssl/certs -connect www.tm3.com:443 
-state
CONNECTED(0003)
SSL_connect:before/connect initialization
SSL_connect:unknown state
SSL_connect:SSLv3 read server hello A
(truncated)
Verify return code: 0 (ok)


user@test1:~$ uname -a
Linux test1 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15 03:51:08 UTC 2014 
x86_64 x86_64 x86_64 GNU/Linux
user@test1:~$ lsb_release -a | grep Code
Codename:   saucy
user@test1:~$ openssl version -a
OpenSSL 1.0.1f 6 Jan 2014
built on: Fri Jun 20 18:54:02 UTC 2014
platform: debian-amd64
options:  bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx)
compiler: cc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector 
--param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 
-Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall -DMD32_REG_T=int 
-DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 
-DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM 
-DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
OPENSSLDIR: /usr/lib/ssl
user@test1:~$ openssl s_client -CApath /etc/ssl/certs -connect www.tm3.com:443 
-state
(hangs)
user@test1:~$ openssl s_client -CApath /etc/ssl/certs -connect www.tm3.com:443 
-state -ssl3
(hangs)
user@test1:~$ openssl s_client -CApath /etc/ssl/certs -connect www.tm3.com:443 
-state -tls1
(hangs)


user@test2:~$ uname -a
Linux test2 3.13.0-44-generic #73-Ubuntu SMP Tue Dec 16 00:22:43 UTC 2014 
x86_64 x86_64 x86_64 GNU/Linux
user@test2:~$ lsb_release -a | grep Code
Codename:   trusty
user@test2:~$ openssl version -a
OpenSSL 1.0.1f 6 Jan 2014
built on: Fri Jan  9 17:52:48 UTC 2015
platform: debian-amd64
options:  bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx)
compiler: cc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector 
--param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 
-Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall -DMD32_REG_T=int 
-DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 
-DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM 
-DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
OPENSSLDIR: /usr/lib/ssl
user@test2:~$ openssl s_client -CApath /etc/ssl/certs -connect www.tm3.com:443 
-state
CONNECTED(0003)
SSL_connect:before/connect initialization
SSL_connect:unknown state
(hangs)
user@test2:~$ openssl s_client -CApath /etc/ssl/certs -connect www.tm3.com:443 
-state -ssl3
CONNECTED(0003)
SSL_connect:before/connect initialization
SSL_connect:SSLv3 write client hello A
(truncated)
Verify return code: 0 (ok)


apt-get -y install build-essential libssl-dev

wget https://www.openssl.org/source/openssl-1.0.1k.tar.gz
tar -xvzf openssl-1.0.1k.tar.gz
cd openssl-1.0.1k
make dclean
make clean
export CFLAGS=-fPIC
./config -fstack-protector -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 
-Wl,-Bsymbolic-functions -Wl,-z,relro -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 
-DMD32_REG_T=int shared zlib 
make depend
make
make install

user@test3:~$ uname -a
Linux test3 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15 03:51:08 UTC 2014 
x86_64 x86_64 x86_64 GNU/Linux
user@test3:~$ lsb_release -a | grep Code
Codename:   trusty
user@test3:~$ /usr/local/ssl/bin/openssl version -a
OpenSSL 1.0.1k 8 Jan 2015
built on: Wed Jan 14 16:01:29 2015
platform: linux-x86_64
options:  bn(64,64) rc4(16x,int) des(idx,cisc,16,int) idea(int) blowfish(idx)
compiler: -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS 
-D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -fstack-protector -Wformat 
-Werror=format-security -D_FORTIFY_SOURCE=2 
-DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 -DMD32_REG_T=int -Wa,--noexecstack -m64 
-DL_ENDIAN -DTERMIO -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM

[Touch-packages] [Bug 1410989] [NEW] SSL_connect:unknown state

2015-01-14 Thread Circa Lucid 
Public bug reported:

Running openssl s_client, I'm getting some websites (www.tm3.com,
ws.myfax.com) that cause requests to hang. I compiled openssl-1.0.1k and
it seems to be working now. Is there a more correct fix other than
compiling the newest openssl?

** Affects: openssl (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: libssl openssl

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1410989

Title:
  SSL_connect:unknown state

Status in openssl package in Ubuntu:
  New

Bug description:
  Running openssl s_client, I'm getting some websites (www.tm3.com,
  ws.myfax.com) that cause requests to hang. I compiled openssl-1.0.1k
  and it seems to be working now. Is there a more correct fix other than
  compiling the newest openssl?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1410989/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp