Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

#1319 Bug: "Unsupported SSL protocol version" Error

closed-fixed
None
5
2014-07-10
2014-01-02
No

Since I have upgraded from version 7.33 to 7.34, I am getting "Unsupported SSL protocol version" error with SSLv3.

In order to reproduce the problem, run the command:
curl -v -3 -g 'https://aur.archlinux.org/'

Following output error will be showin in my machine:
Hostname was NOT found in DNS cache
Adding handle: conn: 0x237e040
Adding handle: send: 0
Adding handle: recv: 0
Curl_addHandleToPipeline: length: 1
- Conn 0 (0x237e040) send_pipe: 1, recv_pipe: 0
Trying 78.46.78.247...
Trying 2a01:4f8:120:34c2::2...
Immediate connect fail for 2a01:4f8:120:34c2::2: Network is unreachable
Connected to aur.archlinux.org (78.46.78.247) port 443 (#0)
Unsupported SSL protocol version
Closing connection 0
curl: (35) Unsupported SSL protocol version

My System Info:
$curl -V
curl 7.34.0 (x86_64-unknown-linux-gnu) libcurl/7.34.0 OpenSSL/1.0.1e zlib/1.2.8 libssh2/1.4.3
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP

$uname -a
Linux mohammad-tp 3.12.6-1-ARCH #1 SMP PREEMPT Fri Dec 20 19:39:00 CET 2013 x86_64 GNU/Linux

Discussion

    • status: open --> closed-fixed
    • assigned_to: Daniel Stenberg
     
  • Thanks for your report. This is indeed a bug and we have already fixed in git by Barry Abrahamson since commit 4bb74005298bb0c51

    Case closed!

     
  • Adrian Sandu
    Adrian Sandu
    2014-01-29

    $ curl https://www.lynda.com/ -v
    Hostname was NOT found in DNS cache
    Trying 69.20.127.243...
    Connected to www.lynda.com (69.20.127.243) port 443 (#0)
    successfully set certificate verify locations:
    CAfile: none
    CApath: /etc/ssl/certs
    SSLv3, TLS handshake, Client hello (1):
    Unknown SSL protocol error in connection to www.lynda.com:443
    Closing connection 0
    curl: (35) Unknown SSL protocol error in connection to www.lynda.com:443

    $ curl -V
    curl 7.27.0 (x86_64-unknown-linux-gnu) libcurl/7.35.0 OpenSSL/1.0.1f zlib/1.2.8 librtmp/2.3
    Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtmp rtsp smtp smtps telnet tftp
    Features: AsynchDNS IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP

     
    • This is because you are using libcurl 7.35.0... Try updating your libcurl version to 7.36.0

       
      Last edit: Quanah Gibson-Mount 2014-05-01
  • This still appears to be broken in some cases with 7.36.0:

    /opt/zimbra/curl/bin/curl --version
    curl 7.36.0 (x86_64-unknown-linux-gnu) libcurl/7.36.0 OpenSSL/1.0.1f zlib/1.2.3
    Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smtp smtps telnet tftp
    Features: GSS-Negotiate IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP

    /opt/zimbra/curl/bin/curl -vvv --cacert /opt/zimbra/conf/ca/ca.pem https://mail.company.com:7071
    Rebuilt URL to: https://mail.company.com:7071/
    Hostname was NOT found in DNS cache
    Trying 1.2.3.4...
    Connected to mail.company.com (1.2.3.4) port 7071 (#0)
    successfully set certificate verify locations:
    CAfile: /opt/zimbra/conf/ca/ca.pem
    CApath: none
    SSLv3, TLS handshake, Client hello (1):
    Unknown SSL protocol error in connection to mail.company.com:7071
    * Closing connection 0
    curl: (35) Unknown SSL protocol error in connection to mail.company.com:7071

    This worked fine with curl/libcurl 7.31.0

     
  • I have the same issue:

    curl https://www.vivapayments.com/ -v
    Hostname was NOT found in DNS cache
    Trying 162.13.22.246...
    Connected to www.vivapayments.com (162.13.22.246) port 443 (#0)
    successfully set certificate verify locations:
    CAfile: /usr/local/share/certs/ca-root-nss.crt
    CApath: none
    SSLv3, TLS handshake, Client hello (1):
    Unknown SSL protocol error in connection to www.vivapayments.com:443
    Closing connection 0
    curl: (35) Unknown SSL protocol error in connection to www.vivapayments.com:443