we've noticed the same problem and i can add some information.
The issue happens when connecting with curl using the lucid version of libssl0.9.8 (version: 0.9.8k-7ubuntu8.14) connecting to i.e. a precise server using libssl1.0.0 (version: 1.0.1-4ubuntu5.8).
Just a few days ago some posted a patch upstream to the libssl-dev mailaing list [1]. However there's not reply there yet.
I just finished tested this patch by applying it on top of the lucid version and doing that i can successfully connect to the precise system using https again.
So functionally that fixes the problem for me.
As the patch has not been reviewed yet we only compiled a patched libssl and are using it only for the failing curl invocation to avoid system-wide side-effects.
In case it is useful for anyone:
apt-get build-dep libssl0.9.8
cd openssl-0.9.8
patch -p1 <
0001-Fix-handling-of-warning-level-alerts-in-SSL23-client.patch
debuild -us -uc -b
can be used to provided a patched libssl0.9.8.
Note: patch applies fine with some fuzz ignoring refects for the CHANGES file.
I would be very happy to see a pathced libssl packages for lucid when possible to be able to remove the locally patched version again.
Hello,
we've noticed the same problem and i can add some information.
The issue happens when connecting with curl using the lucid version of libssl0.9.8 (version: 0.9.8k-7ubuntu8.14) connecting to i.e. a precise server using libssl1.0.0 (version: 1.0.1-4ubuntu5.8).
Just a few days ago some posted a patch upstream to the libssl-dev mailaing list [1]. However there's not reply there yet.
I just finished tested this patch by applying it on top of the lucid version and doing that i can successfully connect to the precise system using https again.
So functionally that fixes the problem for me.
As the patch has not been reviewed yet we only compiled a patched libssl and are using it only for the failing curl invocation to avoid system-wide side-effects.
In case it is useful for anyone: handling- of-warning- level-alerts- in-SSL23- client. patch
apt-get build-dep libssl0.9.8
cd openssl-0.9.8
patch -p1 <
0001-Fix-
debuild -us -uc -b
can be used to provided a patched libssl0.9.8.
Note: patch applies fine with some fuzz ignoring refects for the CHANGES file.
I would be very happy to see a pathced libssl packages for lucid when possible to be able to remove the locally patched version again.
[1] http:// marc.info/ ?l=openssl- dev&m=136760073 921954& w=2