Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#19497 - [openssl] 1.0.0-2 server programs refuse to accept connections

Attached to Project: Arch Linux
Opened by Mihai Militaru (akephalos) - Monday, 17 May 2010, 11:10 GMT
Last edited by Pierre Schmitz (Pierre) - Friday, 28 May 2010, 16:23 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Pierre Schmitz (Pierre)
Architecture x86_64
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description: simple servers using openssl 1.0 refuse to accept simple clients.


Additional info:
* package version: openssl-1.0.0-2
* default configuration, just have openssl 1.0.0 installed


Steps to reproduce:
- download the source of openssl http://www.openssl.org/source/openssl-1.0.0.tar.gz
- extract
- cd into openssl-1.0.0/demos/bio
- type 'make' - two little binaries are build, 'sconnect' and 'saccept'
- (possibly, you need to have port 4433 open, this is used in the source code of the examples)
- in one terminal instance type './saccept', in the other './sconnect'
- the client, 'sconnect' fails with this error or similar:
140203538757288:error:0200206F:system library:connect:Connection refused:bss_conn.c:286:host=localhost:4433
140203538757288:error:2007306E:BIO routines:CONN_STATE:nbio connect error:bss_conn.c:290:
140203538757288:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:184:
---
-instead, the client should have written repeatedly 'write DELAY' and 'read DELAY'
- downgrading openssl to a previous version (my eg.: pacman -U openssl-0.9.8n-1-x86_64.pkg.tar.xz libarchive-2.8.3-1-x86_64.pkg.tar.gz libfetch-2.30-1-x86_64.pkg.tar.gz xorg-server-1.7.5.902-1-x86_64.pkg.tar.xz) makes things work again.
This task depends upon

Closed by  Pierre Schmitz (Pierre)
Friday, 28 May 2010, 16:23 GMT
Reason for closing:  Upstream
Comment by Mihai Militaru (akephalos) - Monday, 17 May 2010, 11:17 GMT
WARNING: if you choose to verify the previous version, downgrading openssl can be done successfully without downgrading pacman, although pacman will refuse to work after this step. Error:

/usr/bin/wget: error while loading shared libraries: libssl.so.1.0.0: cannot open shared object file: No such file or directory
Comment by Mihai Militaru (akephalos) - Monday, 17 May 2010, 11:38 GMT
I forgot to say that before typing make in that example, the Makefile should be edited like this, to use the installed libraries and headers:
- replace
CFLAGS= -g -I../../include
with
CFLAGS= -g -I/usr/include
- replace:
LIBS= -L../.. ../../libssl.a ../../libcrypto.a
with
LIBS= -lssl -lcrypto
Comment by Pierre Schmitz (Pierre) - Friday, 28 May 2010, 13:03 GMT
I am not sure if I get this report correctly, but as these apps are not part of any of our packages this should better be reported upstream. ATM there is no known packages which ahs problems with openssl-1.0.
Comment by Mihai Militaru (akephalos) - Friday, 28 May 2010, 16:02 GMT
That's right, from my part this bug can be closed. I asked upstream it appears to a a mystery.
Comment by Pierre Schmitz (Pierre) - Friday, 28 May 2010, 16:23 GMT
OK, feel free to reopen the bug if there is anything we could do on our side.

Loading...