cURL / Mailing Lists / curl-library / Single Mail

curl-library

failure to support TLSv1 and SSLv2 on Solaris10

From: Alona Rossen <arossen_at_opentext.com>
Date: Fri, 11 Jul 2014 20:38:00 +0000

Hello,

Our C++ application uses libcurl 7.21.0 linked to openssl-1.0.0m to implement a variety of functionalities, including SMTP mail transfer.

The application runs on numerous platforms of different versions, including Windows, Solaris 10/11 SPARC, Solaris 10/11 Intel, AIX6.1/7.1, different flavors and versions of Linux.

We set up a test scenario in which we send an email using the same email server and account, utilizing TLSv1, SSLv2, SSLv3 protocols.
The scenario successfully sends an email via any SSL protocol from any client platform, with the exception of Solaris 10 SPARC, where TLSv1 and SSLv2 fail with the following error message:

INFO_HEADER_OUT:
STARTTLS

INFO_HEADER_IN:
220 2.0.0 SMTP server ready

INFO_TEXT:
SSLv3, TLS handshake, Client hello (1):

INFO_TEXT:
SSLv3, TLS handshake, Server hello (2):

INFO_TEXT:
SSLv3, TLS handshake, CERT (11):

INFO_TEXT:
SSLv3, TLS handshake, Server finished (14):

INFO_TEXT:
SSLv3, TLS handshake, Client
key exchange (16):

INFO_TEXT:
SSLv3, TLS change cipher, Client hello (1):

INFO_TEXT:
SSLv3, TLS handshake, Finished (20):

INFO_TEXT:
Unknown SSL protocol error in connection to our-server.com:<port>

INFO_HEADER_OUT:
QUIT

Solaris 10 (SSLv3 only):

$> /qahome2/alona/OTIC> ldd libcurl.so
        libdl.so.1 => /lib/libdl.so.1
        libldap.so.5 => /usr/lib/libldap.so.5
        librt.so.1 => /lib/librt.so.1
        libsocket.so.1 => /lib/libsocket.so.1
        libnsl.so.1 => /lib/libnsl.so.1
        libssl.so.1.0.0 => /qahome2/alona/OTIC/libssl.so.1.0.0
        libcrypto.so.1.0.0 => /qahome2/alona/OTIC/libcrypto.so.1.0.0
        libz.so.1 => /usr/lib/libz.so.1
        libc.so.1 => /lib/libc.so.1
        libsasl.so.1 => /usr/lib/libsasl.so.1
        libmd.so.1 => /lib/libmd.so.1
        libnspr4.so => /usr/lib/mps/libnspr4.so
        libplc4.so => /usr/lib/mps/libplc4.so
        libnss3.so => /usr/lib/mps/libnss3.so
        libssl3.so => /usr/lib/mps/libssl3.so
        libaio.so.1 => /lib/libaio.so.1
        libmp.so.2 => /lib/libmp.so.2
        libscf.so.1 => /lib/libscf.so.1
        libpthread.so.1 => /lib/libpthread.so.1
        libnssutil3.so => /usr/lib/mps/libnssutil3.so
        libplds4.so => /usr/lib/mps/libplds4.so
        libthread.so.1 => /lib/libthread.so.1
        libdoor.so.1 => /lib/libdoor.so.1
        libuutil.so.1 => /lib/libuutil.so.1
        libgen.so.1 => /lib/libgen.so.1
        libm.so.2 => /lib/libm.so.2
        /platform/SUNW,Sun-Fire-T1000/lib/libc_psr.so.1
        /platform/SUNW,Sun-Fire-T1000/lib/libmd_psr.so.1
        /usr/lib/mps/cpu/sparcv8plus/libnspr_flt4.so

Solaris 11(all SSL versions):

/export/home/alona/OTIC> ldd libcurl.so
        libdl.so.1 => /lib/libdl.so.1
        libidn.so.11 => /usr/lib/libidn.so.11
        libldap.so.5 => /usr/lib/libldap.so.5
        libsocket.so.1 => /lib/libsocket.so.1
        libnsl.so.1 => /lib/libnsl.so.1
        libssl.so.1.0.0 => /export/home/alona/OTIC/libssl.so.1.0.0
        libcrypto.so.1.0.0 => /export/home/alona/OTIC/libcrypto.so.1.0.0
        libz.so.1 => /lib/libz.so.1
        libc.so.1 => /lib/libc.so.1
        libsasl.so.1 => /usr/lib/libsasl.so.1
        libmd.so.1 => /lib/libmd.so.1
        libnspr4.so => /usr/lib/mps/libnspr4.so
        libplc4.so => /usr/lib/mps/libplc4.so
        libnss3.so => /usr/lib/mps/libnss3.so
        libssl3.so => /usr/lib/mps/libssl3.so
        libmp.so.2 => /lib/libmp.so.2
        libsoftcrypto.so.1 => /lib/libsoftcrypto.so.1
        libelf.so.1 => /lib/libelf.so.1
        libpthread.so.1 => /lib/libpthread.so.1
        librt.so.1 => /lib/librt.so.1
        libnssutil3.so => /usr/lib/mps/libnssutil3.so
        libplds4.so => /usr/lib/mps/libplds4.so
        libthread.so.1 => /lib/libthread.so.1
        libcryptoutil.so.1 => /lib/libcryptoutil.so.1
        libm.so.2 => /lib/libm.so.2
        /lib/libm/libm_hwcap1.so.2
        /usr/lib/mps/cpu/sparcv8plus/libnspr_flt4.so
/export/home/alona/OTIC>

Can someone explain failure to support TLSv1 and SSLv2 on one platform?

Thank you,
Alona

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-07-11