OpenSSL 1.0.1 handshake timeout

2012-03-28 Thread James Earl
I recently had a timeout issue with a service provider we connect to
over HTTPS.  I found downgrading to OpenSSL 1.0.0 solved the problem.
I'm not sure how to determine if it's a bug, an Arch Linux package
issue, or a problem with the service provider's server?

I tested using Python and Ruby (multiple versions):

With OpenSSL 1.0.1-1 under Arch Linux, this times out:

python
 import requests
 r = requests.get('https://esqa.moneris.com', timeout=5)

With OpenSSL 1.0.0 under Arch Linux, it works.

OpenSSL 1.0.1 does work however connecting to other HTTPS servers such
as Google, and Thawte's test server.

My original post on ruby-forum:
http://www.ruby-forum.com/topic/3944461#new
__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager   majord...@openssl.org


Re: OpenSSL 1.0.1 handshake timeout

2012-03-28 Thread Marek . Marcola
Hello,

Try some test connections:

# openssl s_client -connect hostname:443 -debug -msg
# openssl s_client -connect hostname:443 -debug -msg -bugs

Best regards,
--
Marek Marcola marek.marc...@malkom.pl
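
Added example, not part of the original thread and not code from any poster or from the OpenSSL project: a Python counterpart to the s_client test connections above that reports whether an attempt stops at TCP connect or stalls inside the TLS handshake, and which OpenSSL build the interpreter is linked against. The names probe, compare and stalling_listener are hypothetical, and capping the protocol version is an assumed variable to isolate; the thread does not say what triggers the stall.

```python
import socket
import ssl

def probe(host, port=443, timeout=5.0, max_version=None):
    """Return (stage, detail); stage says where the attempt stopped."""
    ctx = ssl.create_default_context()
    if max_version is not None:
        ctx.maximum_version = max_version   # cap the protocol version offered
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:                  # refused, unreachable, connect timeout
        return ("tcp_failed", str(exc))
    try:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return ("ok", "%s / %s" % (tls.version(), tls.cipher()[0]))
    except socket.timeout as exc:           # TCP accepted, no handshake reply
        return ("handshake_timeout", str(exc))
    except OSError as exc:                  # alert, reset, certificate failure
        return ("handshake_error", str(exc))
    finally:
        raw.close()

def compare(host, port=443, timeout=5.0):
    """Probe with the library default and with a TLS 1.2 cap."""
    caps = [("default", None), ("max TLS 1.2", ssl.TLSVersion.TLSv1_2)]
    return {label: probe(host, port, timeout, cap)[0] for label, cap in caps}

def stalling_listener():
    """Constructed test peer: completes TCP connects, then stays silent."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(16)                          # never accept(); clients sit queued
    return srv

if __name__ == "__main__":
    print("linked library:", ssl.OPENSSL_VERSION)
    srv = stalling_listener()
    print(compare("127.0.0.1", srv.getsockname()[1], timeout=1.0))
    srv.close()
```

A "handshake_timeout" that appears with one library build and not another against the same host points at the interaction between that build's handshake and the server, rather than at routing or firewalling.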




Re: OpenSSL 1.0.1 handshake timeout

2012-03-28 Thread Dr. Stephen Henson
On Wed, Mar 28, 2012, James Earl wrote:

> I recently had a timeout issue with a service provider we connect to
> over HTTPS.  I found downgrading to OpenSSL 1.0.0 solved the problem.
> I'm not sure how to determine if it's a bug, an Arch Linux package
> issue, or a problem with the service providers server?
>
> I tested using Python and Ruby (multiple versions):
>
> With OpenSSL 1.0.1-1 under Arch Linux, this times out:
>
> python
>  import requests
>  r = requests.get('https://esqa.moneris.com', timeout=5)
>
> With OpenSSL 1.0.0 under Arch Linux, it works.
>
> OpenSSL 1.0.1 does work however connecting to other HTTPS servers such
> as Google, and Thawte's test server.
 

There is a known issue with some servers mentioned in PR#2771.

See this link for more details:

http://rt.openssl.org/Ticket/Display.html?id=2771&user=guest&pass=guest

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org


Re: OpenSSL 1.0.1 handshake timeout

2012-03-28 Thread James Earl
On Wed, Mar 28, 2012 at 10:16 AM, Dr. Stephen Henson st...@openssl.org wrote:
> On Wed, Mar 28, 2012, James Earl wrote:
>
>> I recently had a timeout issue with a service provider we connect to
>> over HTTPS.  I found downgrading to OpenSSL 1.0.0 solved the problem.
>> I'm not sure how to determine if it's a bug, an Arch Linux package
>> issue, or a problem with the service providers server?
>>
>> I tested using Python and Ruby (multiple versions):
>>
>> With OpenSSL 1.0.1-1 under Arch Linux, this times out:
>>
>> python
>>  import requests
>>  r = requests.get('https://esqa.moneris.com', timeout=5)
>>
>> With OpenSSL 1.0.0 under Arch Linux, it works.
>>
>> OpenSSL 1.0.1 does work however connecting to other HTTPS servers such
>> as Google, and Thawte's test server.
>
> There is a known issue with some servers mentioned in PR#2771.
>
> See this link for more details:
>
> http://rt.openssl.org/Ticket/Display.html?id=2771&user=guest&pass=guest

Thanks, looks like there's also a thread on the Arch Linux forum which
I should have noticed:

https://bbs.archlinux.org/viewtopic.php?id=138103


Re: OpenSSL 1.0.1 handshake timeout

2012-03-28 Thread Dr. Stephen Henson
On Wed, Mar 28, 2012, James Earl wrote:

> On Wed, Mar 28, 2012 at 10:16 AM, Dr. Stephen Henson st...@openssl.org wrote:
>> On Wed, Mar 28, 2012, James Earl wrote:
>>
>>> I recently had a timeout issue with a service provider we connect to
>>> over HTTPS.  I found downgrading to OpenSSL 1.0.0 solved the problem.
>>> I'm not sure how to determine if it's a bug, an Arch Linux package
>>> issue, or a problem with the service providers server?
>>>
>>> I tested using Python and Ruby (multiple versions):
>>>
>>> With OpenSSL 1.0.1-1 under Arch Linux, this times out:
>>>
>>> python
>>>  import requests
>>>  r = requests.get('https://esqa.moneris.com', timeout=5)
>>>
>>> With OpenSSL 1.0.0 under Arch Linux, it works.
>>>
>>> OpenSSL 1.0.1 does work however connecting to other HTTPS servers such
>>> as Google, and Thawte's test server.
>>
>> There is a known issue with some servers mentioned in PR#2771.
>>
>> See this link for more details:
>>
>> http://rt.openssl.org/Ticket/Display.html?id=2771&user=guest&pass=guest
>
> Thanks, looks like there's also a thread on the Arch Linux forum which
> I should have noticed:
>
> https://bbs.archlinux.org/viewtopic.php?id=138103

Several of the TLS servers mentioned in that thread seem to have the problem
mentioned in PR#2771.

Not sure about AES-CBC issues. TLS at least connects fine using AES-CBC
ciphersuites here.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org