Comment 23 for bug 861137

Hi,
this Bug is unfortunately still active. Here is how to reproduce it:

$ curl https://auslandsjahr-usa.com --sslv3

$ curl --version
curl 7.35.0 (x86_64-pc-linux-gnu) libcurl/7.35.0 OpenSSL/1.0.1f zlib/1.2.8 libidn/1.28 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP

$ openssl version
OpenSSL 1.0.1f 6 Jan 2014

The issue seems to be SSLv3, since

$ curl https://auslandsjahr-usa.com --ssl

works.

Unfortunately this bug also affects all depending libraries and scripting languages. (python 2.7.6 in my case):

$ python -c "import sys; import os; import ssl; print(ssl.OPENSSL_VERSION); sys.path.insert(1, os.path.abspath(os.path.join(os.getcwd(), 'lib'))); import requests; requests.get('https://auslandsjahr-usa.com')"

requests.get('https://auslandsjahr-usa.com')"
OpenSSL 1.0.1f 6 Jan 2014
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/usr/lib/python2.7/dist-packages/requests/api.py", line 55, in get
    return request('get', url, **kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/api.py", line 44, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 455, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 558, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/adapters.py", line 385, in send
    raise SSLError(e)
requests.exceptions.SSLError: [Errno 1] _ssl.c:510: error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error

We use Ubuntu 14.04.2 LTS
# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04.2 LTS
Release: 14.04
Codename: trusty

A patch would be highly appreciated.