Hey! After the update that introduced the workaround, my python program
(which uses mediafire) works again, even though the openssl command doesn't
yet.
2012/3/30 Colin Watson <email address hidden>
> I've uploaded upstream's suggested workaround for most of the problems
> here. It isn't complete, and in particular it doesn't deal with the
> server in the bug description (see the Debian bug for a categorisation
> of the problems here), which is why I've left this bug open at a lowered
> importance.
>
> openssl (1.0.1-2ubuntu3) precise; urgency=low
>
> * Temporarily work around TLS 1.2 failures as suggested by upstream
> (LP #965371):
> - Use client version when deciding whether to send supported signature
> algorithms extension.
> - Experimental workaround to large client hello issue: if
> OPENSSL_NO_TLS1_2_CLIENT is set then TLS v1.2 is disabled for clients
> only.
> - Compile with -DOPENSSL_NO_TLS1_2_CLIENT.
> This fixes most of the reported problems, but does not fix the case of
> servers that reject version numbers they don't support rather than
> trying to negotiate a lower version (e.g. www.mediafire.com).
>
> -- Colin Watson <email address hidden> Fri, 30 Mar 2012 17:11:45 +0100
>
> ** Changed in: openssl (Ubuntu Precise)
> Importance: High => Medium
>
> ** Changed in: openssl (Ubuntu Precise)
> Status: Confirmed => Triaged
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/965371
>
> Title:
> HTTPS requests fail on some sites on Ubuntu 12.04
>
> Status in OpenSSL cryptography and SSL/TLS toolkit:
> Confirmed
> Status in “openssl” package in Ubuntu:
> Triaged
> Status in “openssl” source package in Precise:
> Triaged
> Status in “openssl” package in Debian:
> New
>
> Bug description:
> This week, HTTPS connections from a Python script I wrote started
> giving me this error:
>
> urllib2.URLError: <urlopen error [Errno 8] _ssl.c:497: EOF occurred in
> violation of protocol>
>
> This used to work up until some three days ago and still works on
> other Ubuntu versions, but not in other Python versions on Precise. I
> was suspecting this was a bug in Python, but a guy on AskUbuntu (
> http://askubuntu.com/questions/116020/python-https-requests-urllib2
> -to-some-sites-fail-on-ubuntu-12-04-without-proxy/116059#116059 )
> found out this happens using the openssl command line tool too:
>
> $ openssl s_client -connect www.mediafire.com:443
>
> But succeeds if forcing TLS 1 with the -tls1 argument.
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/openssl/+bug/965371/+subscriptions
>
Hey! After the update that introduced the workaround, my python program
(which uses mediafire) works again, even though the openssl command doesn't
yet.
2012/3/30 Colin Watson <email address hidden>
> I've uploaded upstream's suggested workaround for most of the problems NO_TLS1_ 2_CLIENT is set then TLS v1.2 is disabled for clients NO_TLS1_ 2_CLIENT. /bugs.launchpad .net/bugs/ 965371 askubuntu. com/questions/ 116020/ python- https-requests- urllib2 sites-fail- on-ubuntu- 12-04-without- proxy/116059# 116059 ) com:443 /bugs.launchpad .net/openssl/ +bug/965371/ +subscriptions
> here. It isn't complete, and in particular it doesn't deal with the
> server in the bug description (see the Debian bug for a categorisation
> of the problems here), which is why I've left this bug open at a lowered
> importance.
>
> openssl (1.0.1-2ubuntu3) precise; urgency=low
>
> * Temporarily work around TLS 1.2 failures as suggested by upstream
> (LP #965371):
> - Use client version when deciding whether to send supported signature
> algorithms extension.
> - Experimental workaround to large client hello issue: if
> OPENSSL_
> only.
> - Compile with -DOPENSSL_
> This fixes most of the reported problems, but does not fix the case of
> servers that reject version numbers they don't support rather than
> trying to negotiate a lower version (e.g. www.mediafire.com).
>
> -- Colin Watson <email address hidden> Fri, 30 Mar 2012 17:11:45 +0100
>
> ** Changed in: openssl (Ubuntu Precise)
> Importance: High => Medium
>
> ** Changed in: openssl (Ubuntu Precise)
> Status: Confirmed => Triaged
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https:/
>
> Title:
> HTTPS requests fail on some sites on Ubuntu 12.04
>
> Status in OpenSSL cryptography and SSL/TLS toolkit:
> Confirmed
> Status in “openssl” package in Ubuntu:
> Triaged
> Status in “openssl” source package in Precise:
> Triaged
> Status in “openssl” package in Debian:
> New
>
> Bug description:
> This week, HTTPS connections from a Python script I wrote started
> giving me this error:
>
> urllib2.URLError: <urlopen error [Errno 8] _ssl.c:497: EOF occurred in
> violation of protocol>
>
> This used to work up until some three days ago and still works on
> other Ubuntu versions, but not in other Python versions on Precise. I
> was suspecting this was a bug in Python, but a guy on AskUbuntu (
> http://
> -to-some-
> found out this happens using the openssl command line tool too:
>
> $ openssl s_client -connect www.mediafire.
>
> But succeeds if forcing TLS 1 with the -tls1 argument.
>
> To manage notifications about this bug go to:
> https:/
>
-- www.google. com/profiles/ pabloalmeidaff9
Pablo Almeida
http://