[openssl.org #2807] Can't connect to Evernote server

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[openssl.org #2807] Can't connect to Evernote server

Rich Salz via RT
> [[hidden email] - Sat May 05 20:27:54 2012]:
>
> Hi all,
>
> Probably there is some regression in openssl.
>
> After some
> updates on my system I can't use Evernote under wine anymore. I posted
> a bug: http://bugs.winehq.org/show_bug.cgi?id=30598
>
> Looking for a
> solution I've founded the following post in the Evernote blog:
> http://blog.evernote.com/tech/2011/09/23/security-hang-ups/
>
> I've
> done simple test described above:
>
> $ curl -v -i -s
> https://www.evernote.com/robots.txt
> * About to connect() to
> www.evernote.com port 443 (#0)
> *   Trying 204.154.94.81... connected
> * successfully set certificate verify locations:
> *   CAfile: none
> CApath: /etc/ssl/certs
> * SSLv3, TLS handshake, Client hello (1):
> *
> Unknown SSL protocol error in connection to www.evernote.com:443
> *
> Closing connection #0
>

Looks like it doesn't like TLS v1.2 or v1.1 connections and wont
downgrade to 1.0. Try it with the -tls1 option and see if that helps.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: [openssl.org #2807] Can't connect to Evernote server

Rich Salz via RT
> Looks like it doesn't like TLS v1.2 or v1.1 connections and wont
> downgrade to 1.0. Try it with the -tls1 option and see if that helps.

Hi Steve,

I've tried -tls1 option. It didn't help. But I successed with -ssl3 option.

Does it mean something? Should it be handled automaticaly?

--
???? ??????? <[hidden email]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: [openssl.org #2807] Can't connect to Evernote server

Rich Salz via RT
In reply to this post by Rich Salz via RT
I looked on page http://msdn.microsoft.com/en-us/library/windows/desktop/aa384066(v=vs.85).aspx. There is noted:

By default only SSL3 and TLS1 are enabled.

Wine uses SSLv23_method so it will send SSL2 hello. May it be a problem?

--
???? ??????? <[hidden email]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]