cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Unknown SSL protocol error in connection (bug 1329)

From: Quanah Gibson-Mount <quanah_at_zimbra.com>
Date: Mon, 05 May 2014 09:46:45 -0700

--On Saturday, May 03, 2014 1:24 AM +0200 Daniel Stenberg <daniel_at_haxx.se>
wrote:

> By insisting on "ALL" (which you really shouldn't) you've basically
> agreed to that it is fine that your TLS connection is insecure.

Mainly, client followed some random (and completely wrong) documentation
that disabled all secure ciphers. They've now rectified that, so only
secure ciphers are used.

> If you can come up with a better error message for this, then I'd be very
> happy to provide that. (Re-)Opening bug reports for this won't help
> much...

Unknown protocol error is so vague as to offer little clue at all to what
the source of the error is. If it had even hinted in some way that the
issue could be an insecure cipher suite, it could have saved us several
hours of debugging. There is no way for curl to throw back an error when
an insecure cipher suite is encountered in the handshake?

--Quanah

--
Quanah Gibson-Mount
Architect - Server
Zimbra, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2014-05-05

This message: [ Message body ]
Next message: Steve Holme: "RE: Issue with IMAP UID FETCH"
Previous message: Jon Torrey: "Building libcurl with Borland BCC5.5 compiler"
In reply to: Daniel Stenberg: "Re: Unknown SSL protocol error in connection (bug 1329)"
Next in thread: Daniel Stenberg: "Re: Unknown SSL protocol error in connection (bug 1329)"
Reply: Daniel Stenberg: "Re: Unknown SSL protocol error in connection (bug 1329)"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]