[Bug 595415] Re: Curl (openssl) fails to open some https URLs with "illegal parameter" error

[chrone]

i just noted on ubuntu 12.04 server edition x64 that if i use only rc4
chiper on apache mod ssl, the curl could not fect the https://. but if i
enabled higher chiper such as camelia or aes, the curl https:// command
is running fine.

i don't know on which package this bug is. is it from curl, php5-curl,
apache, or openssl.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/595415

Title:
  Curl (openssl) fails to open some https URLs with "illegal parameter"
  error

Status in “curl” package in Ubuntu:
  Incomplete
Status in “openssl” package in Ubuntu:
  Confirmed

Bug description:
  Binary package hint: curl

  Some HTTPS urls cause curl to fail with an "illegal parameter" error.
  This error goes away if you manually specify "--sslv3"

  e.g.

  $ curl --version
  curl 7.19.7 (x86_64-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15
  Protocols: tftp ftp telnet dict ldap ldaps http file https ftps
  Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz

  $ curl  https://www.orange.sk/
  curl: (35) error:14077417:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert illegal parameter

  $ curl  --sslv3 https://www.orange.sk/
  <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="sk" lang="sk">
  ...etc

  This is particularly problematic if using an application which uses
  libcurl, but does not allow setting of the --sslv3 flag, e.g. nagios's
  check_http utility.

  This redhat bug https://bugzilla.redhat.com/show_bug.cgi?id=525496
  appears to describe the same problem, and has a patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/curl/+bug/595415/+subscriptions