On Thu, Oct 18, 2012 at 02:32:10AM +0000, corvid wrote:
I recompiled the https dpi today, and it no longer wanted to work.
I had upgraded slackware in recent weeks, so my openssl version has gone from 0.9.8x to 1.0.1c, which may or may not be relevant at all.
The SSL_connect() was failing.
Adding in some error-printing got me "error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol".
The search engine suggested that one possibility was that a server could be displeased with a cipher that's offered, so I changed SSL_set_cipher_list(ssl_connection, "ALL"); to "TLSv1" randomly, and it now worked.
https://www.openssl.org/docs/apps/ciphers.html shows lots of possibilities, and I tried "DEFAULT". This worked as well. It sounds like the difference is that the default doesn't include aNULL ciphers. Another page says that aNULL means cipher suites that do not offer authentication.
I don't really know what's going on here, obviously.
Neither me. -- Cheers Jorge.-