misc/145190: SSL hangs when running curl

Jens Kassel jens.kassel at servicefactory.com
Tue Mar 30 06:40:04 UTC 2010 

>Number:         145190
>Category:       misc
>Synopsis:       SSL hangs when running curl
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Mar 30 06:40:03 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Jens Kassel
>Release:        FreeBSD 7.3
>Organization:
Servicefactory AB
>Environment:
FreeBSD h158.servicefactory.com 7.3-RELEASE FreeBSD 7.3-RELEASE #0: Sun Mar 21 06:15:01 UTC 2010     root at walker.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386

>Description:
I have been testing to download with curl from Apache 1.3 server running on FreeBSD 7.2 from machine running different versions of FreeBSD/curl and I can not get to to work when running from machine with FreeBSD 7.3. It just hangs. Same version of curl works when running on FreeBSD 7.2 or FreeBSD 8.0. It seems to be some kind of SSL problem i FreeBSD 7.3

curl output
 curl -v -k -u bpuser:secret  https://217.13.255.179/bp/homerun_payex_latest  > test
* About to connect() to 217.13.255.179 port 443 (#0)
*   Trying 217.13.255.179... connected
* Connected to 217.13.255.179 (217.13.255.179) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /usr/local/share/certs/ca-root-nss.crt
  CApath: none
* SSLv3, TLS handshake, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Server hello (2):
{ [data not shown]
* SSLv3, TLS handshake, CERT (11):
{ [data not shown]
* SSLv3, TLS handshake, Server finished (14):
{ [data not shown]
* SSLv3, TLS handshake, Client key exchange (16):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Finished (20):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
{ [data not shown]
* SSLv3, TLS handshake, Finished (20):
{ [data not shown]
* SSL connection using AES256-SHA
* Server certificate:
*        subject: C=SE; ST=Stockholm; L=Stockholm; O=ServiceFactory; OU=DEV; CN=login; emailAddress=blomman at servicefactory.com
*        start date: 2000-03-08 16:37:56 GMT
*        expire date: 2002-03-08 16:37:56 GMT
*        common name: login (does not match '217.13.255.179')
*        issuer: C=SE; ST=Stockholm; L=Stockholm; O=ServiceFactory; OU=CA; CN=ServiceFactory CA; emailAddress=blomman at servicefactory.com
*        SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* Server auth using Basic with user 'bpuser'
> GET /bp/homerun_payex_latest HTTP/1.1
> Authorization: Basic YnB1c2VyOnNlY3JldA==
> User-Agent: curl/7.19.7 (i386-portbld-freebsd7.3) libcurl/7.19.7 OpenSSL/0.9.8e zlib/1.2.3
> Host: 217.13.255.179
> Accept: */*
>
* SSLv3, TLS handshake, Hello request (0):
{ [data not shown]
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:06 --:--:--     0^C
 
>How-To-Repeat:

>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list