Hi, On Wed, 28 Aug 2024 13:45:04 +0200 Theo Buehler <tb@theobuehler.org> wrote:
Certainly. Ideally this should not crash Dillo, no matter how obscure.
What crashes dillo?
Opening https://narkive.com crashes Dillo for me, It doesn't happen on any other sites: Nav_open_url: new url='https://narkive.com' Dns_server [0]: narkive.com is 149.248.211.108 Connecting to 149.248.211.108:443 TLS connect error: "an EOF was observed that violates the protocol" Tls_close_by_key: Avoiding SSL shutdown for: https://narkive.com fd 9 is done and failed dillo(84242) in free(): write to free mem 0xb5efb754c40[24..31]@32 gdb: Program received signal SIGABRT, Aborted. thrkill () at /tmp/-:2 2 /tmp/-: No such file or directory. in /tmp/-
I don't know why it shows that version number instead of the latest one, this is a fresh install of a recent snapshot.
It's a bit unfortunate, but the development release on current openbsd snapshots still has 3.9.0 as the version number. It's complicated... The short story is that we can't crank to 4.0.0 because it would break the build of some important ports (e.g., rust).
Thank you for clarifying this.
$ ftp https://narkive.com/test Trying 149.248.211.108... TLS handshake failure: handshake failed: unexpected EOF
I don't see this:
$ ftp https://narkive.com/test Trying 149.248.211.108... Requesting https://narkive.com/test ftp: Error retrieving https://narkive.com/test: 404 Not Found $ nc -cvz narkive.com 443 Connection to narkive.com (149.248.211.108) 443 port [tcp/https] succeeded! TLS handshake negotiated TLSv1.3/TLS_AES_128_GCM_SHA256 with host narkive.com Peer name: narkive.com Subject: /CN=narkive.com Issuer: /C=US/O=Let's Encrypt/CN=R11 Valid From: Fri Jul 26 06:13:58 2024 Valid Until: Thu Oct 24 06:13:57 2024 Cert Hash: SHA256:456275146f4b2e65c16d2432ff87917a4501ddb41dcb158195255c5995abbbf1 OCSP URL: http://r11.o.lencr.org
This looks all good from here.
My nc output matches yours, but ftp still gets the handshake failure. Maybe it's something network specific on my end? But like I mentioned, an older OpenBSD system on my network with LibreSSL 3.6.0 does not have an issue with that site. I disabled pf just in case, but to no avail. I'm open to any clues on how to diagnose this! Regards, Alex