Argh, https

For some reason, OpenSSL-using command line clients – but not any browsers – are choking on the RSS feed for this site when fetched via https.  So, the site no longer defaults to https.  It’s still available if you want to use it, and I’ll work on fixing the setup.

The way to see it is:

openssl s_client -connect www.dragonflydigest.com:443

You will notice an error in the output like this:

672060044:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_lib.c:184:

There’s lots of references to errors like this out there – many different, some for bugs long fixed.  I daresay it’s a configuration screwup I haven’t figured out yet; I’ve noticed that adding -tls1 or -no_tls1 or -ssl2 or -ssl3 to the above command makes the problem go away.

 

2 Replies to “Argh, https”

  1. LibreSSL is compiling under Dfly. If you find out what causes the problem I can check if it persists on Libre.

  2. On OpenBSD current with LibreSSL 2.0. Here is what rawdog (RSS aggregator) reports. Hope the error message helps.

    $ rawdog –dump https://www.dragonflydigest.com/feed
    {‘bozo’: 1,
    ‘bozo_exception’: URLError(SSLError(8, ‘_ssl.c:510: EOF occurred in violation of protocol’),),
    ‘entries’: [],
    ‘feed’: {}}

Comments are closed.