curl-library
Failed Self Test (Mac OSX, x64)
Date: Sat, 12 Oct 2013 22:28:55 -0400
Hi Guys,
I wanted to offer this up in case you encounter it in the future.
When I configure OpenSSL, I use the following:
./config shared -no-ssl2 -no-ssl3 -no-comp \
-no-hw -no-engine --openssldir=...
I believe the lack of SSLv3 is causing the handshake failures.
(And sorry about posting here. SourceForge is now returning code 500
(internal server error)).
Jeff
startnew: .httptls_server.pid faked with pid=8651
RUN: ../src/curl --max-time 13 --output log/httptls_verify.out
--verbose --globoff --insecure --tlsauthtype SRP --tlsuser jsmith
--tlspassword abc "https://127.0.0.1:9011/verifiedserver"
2>log/httptls_verify.log
CMD (8960): ../src/curl --max-time 13 --output log/httptls_verify.out
--verbose --globoff --insecure --tlsauthtype SRP --tlsuser jsmith
--tlspassword abc "https://127.0.0.1:9011/verifiedserver"
2>log/httptls_verify.log
RUN: curl command returned 35
RUN: * About to connect() to 127.0.0.1 port 9011 (#0)
RUN: * Trying 127.0.0.1...
RUN: * Adding handle: conn: 0x61b00001f180
RUN: * Adding handle: send: 0
RUN: * Adding handle: recv: 0
RUN: * Curl_addHandleToPipeline: length: 1
RUN: * - Conn 0 (0x61b00001f180) send_pipe: 1, recv_pipe: 0
RUN: % Total % Received % Xferd Average Speed Time Time
Time Current
RUN: Dload Upload Total Spent
Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:--
--:--:-- 0* Connected to 127.0.0.1 (127.0.0.1) port 9011 (#0)
RUN: * Set version TLSv1 for SRP authorisation
RUN: * Using TLS-SRP username: jsmith
RUN: * Setting cipher list SRP
RUN: * SSLv3, TLS handshake, Client hello (1):
RUN: } [data not shown]
RUN: * SSLv3, TLS alert, Server hello (2):
RUN: { [data not shown]
RUN: * error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
RUN: * Closing connection 0
RUN: curl: (35) error:14094410:SSL routines:SSL3_READ_BYTES:sslv3
alert handshake failure
RUN: Unknown server on our httptls port: 9011 (35)
RUN: HTTPTLS server failed verification
RUN: Process with pid 8651 signalled to die
RUN: Process with pid 8651 forced to die with SIGKILL
== Contents of files in the log/ dir after test 320
=== Start of file httptls_server.log
Warning: no private key and certificate pairs were set.
HTTP Server listening on IPv4 0.0.0.0 port 9011...done
HTTP Server listening on IPv6 :: port 9011...done
Error in handshake
Exiting via signal 15
Set static Diffie-Hellman parameters, consider --dhparams.
* Accepted connection from IPv4 127.0.0.1 port 57512 on Sat Oct 12
20:44:39 2013
Error: Could not negotiate a supported cipher suite.
=== End of file httptls_server.log
=== Start of file httptls_verify.log
* About to connect() to 127.0.0.1 port 9011 (#0)
* Trying 127.0.0.1...
* Adding handle: conn: 0x61b00001f180
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x61b00001f180) send_pipe: 1, recv_pipe: 0
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:--
--:--:-- 0* Connected to 127.0.0.1 (127.0.0.1) port 9011 (#0)
* Set version TLSv1 for SRP authorisation
* Using TLS-SRP username: jsmith
* Setting cipher list SRP
* SSLv3, TLS handshake, Client hello (1):
} [data not shown]
* SSLv3, TLS alert, Server hello (2):
{ [data not shown]
* error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Closing connection 0
curl: (35) error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert
handshake failure
=== End of file httptls_verify.log
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-10-13