From nobody@FreeBSD.org  Thu Dec 31 15:32:23 2009
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 94BD6106568B
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 31 Dec 2009 15:32:23 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 845FD8FC12
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 31 Dec 2009 15:32:23 +0000 (UTC)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id nBVFWNTe044406
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 31 Dec 2009 15:32:23 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id nBVFWNJo044405;
	Thu, 31 Dec 2009 15:32:23 GMT
	(envelope-from nobody)
Message-Id: <200912311532.nBVFWNJo044405@www.freebsd.org>
Date: Thu, 31 Dec 2009 15:32:23 GMT
From: Jonathan <lordsith49@hotmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: SSLv3 failure with xchat on FreeBSD 8.0
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         142198
>Category:       kern
>Synopsis:       SSLv3 failure with irc/xchat on FreeBSD 8.0
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Dec 31 15:40:01 UTC 2009
>Closed-Date:    
>Last-Modified:  Mon Jun 03 13:50:56 UTC 2013
>Originator:     Jonathan
>Release:        FreeBSD 8.0-RELEASE-p1
>Organization:
>Environment:
FreeBSD myworkdesktop.mycompany.net 8.0-RELEASE-p1 FreeBSD 8.0-RELEASE-p1 #1: Wed Dec 30 12:37:09 MST 2009     root@myworkdesktop.mycompany.net:/usr/obj/usr/src/sys/DUSTPUPPY  i386
>Description:
I recently updated from FreeBSD 7.2-RELEASE-p5 to 8.0-RELEASE-p1 and did
a full reinstall of all ports. After reinstalling irc/xchat attempting to
connect to a SSL enabled server as I had previously done resulted in the
following error:

Connection failed. Error: (336151568) error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure

I can connect to the same server without any problems using pidgin IRC
as well as Chatzilla on this same desktop. 

Looking through Google a similar error with xchat occured in Linux when
SSLv3 with newer extensions were implemented in OpenSSL 0.9.8g. The
solution was to dumb down OpenSSL so it didn't use the extension. 
>How-To-Repeat:
Install xchat on FreeBSD 8.0-RELEASE-p1.
Attempt to connect to an SSL secured irc server.
>Fix:


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->gnome 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Thu Dec 31 16:49:57 UTC 2009 
Responsible-Changed-Why:  
Fix synopsis and assign. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=142198 

From: "Jeremy Messenger" <mezz7@cox.net>
To: bug-followup@freebsd.org, lordsith49@hotmail.com
Cc:  
Subject: Re: ports/142198: SSLv3 failure with irc/xchat on FreeBSD 8.0
Date: Thu, 31 Dec 2009 15:31:40 -0600

 Searched in Google and found a fix in OpenSSL.
 
 http://marc.info/?l=openssl-cvs&m=124095946021321&w=2 (0.9.8 branch w/out  
 comment)
 http://marc.info/?l=openssl-cvs&m=124095943621291&w=2 (1.0.0 branch w/  
 comment)
 
 I have checkout latest of OpenSSL_0_9_8-stable branch in its CVS and  
 create a patch. Can you try to patch in your source tree by use this patch  
 below and see if it fixes this problem for you?
 
 http://people.freebsd.org/~mezz/diff/patch-crypto_openssl_ssl_t1_lib.c
 
 Cheers,
 Mezz
 
 
 -- 
 mezz7@cox.net  -  mezz@FreeBSD.org
 FreeBSD GNOME Team
 http://www.FreeBSD.org/gnome/  -  gnome@FreeBSD.org

From: Jonathan Call <lordsith49@hotmail.com>
To: <mezz7@cox.net>, <bug-followup@freebsd.org>
Cc:  
Subject: RE: ports/142198: SSLv3 failure with irc/xchat on FreeBSD 8.0
Date: Mon, 4 Jan 2010 09:48:33 -0700

 --_a95bad9d-6d06-4814-8e6f-a471a61687cc_
 Content-Type: text/plain; charset="iso-8859-1"
 Content-Transfer-Encoding: quoted-printable
 
 
 Steps I took:
 
 cd /usr/src
 patch < /path/to/patch-crypto_openssl_ssl_t1_lib.c
 make buildworld
 
 The following error occurred:
 cc -O2 -pipe -march=3Dprescott -DTERMIOS -DANSI_SOURCE -I/usr/src/secure/li=
 b/libssl/../../../crypto/openssl -I/usr/src/secure/lib/libssl/../../../cryp=
 to/openssl/crypto -I/usr/obj/usr/src/secure/lib/libssl -DOPENSSL_THREADS -D=
 DSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_IDEA -DL_ENDIAN -DNO_IDEA -std=3Dgnu9=
 9 -fstack-protector  -c /usr/src/secure/lib/libssl/../../../crypto/openssl/=
 ssl/t1_enc.c
 cc -O2 -pipe -march=3Dprescott -DTERMIOS -DANSI_SOURCE -I/usr/src/secure/li=
 b/libssl/../../../crypto/openssl -I/usr/src/secure/lib/libssl/../../../cryp=
 to/openssl/crypto -I/usr/obj/usr/src/secure/lib/libssl -DOPENSSL_THREADS -D=
 DSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_IDEA -DL_ENDIAN -DNO_IDEA -std=3Dgnu9=
 9 -fstack-protector  -c /usr/src/secure/lib/libssl/../../../crypto/openssl/=
 ssl/t1_lib.c
 /usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/t1_lib.c: In functio=
 n 'ssl_add_clienthello_tlsext':
 /usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/t1_lib.c:138: error:=
  'struct ssl3_state_st' has no member named 'send_connection_binding'
 /usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/t1_lib.c: In functio=
 n 'ssl_add_serverhello_tlsext':
 /usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/t1_lib.c:260: error:=
  'struct ssl3_state_st' has no member named 'send_connection_binding'
 *** Error code 1
 
 Stop in /usr/src/secure/lib/libssl.
 *** Error code 1
 
 Stop in /usr/src.
 *** Error code 1
 
 Stop in /usr/src.
 *** Error code 1
 
 Stop in /usr/src.
 *** Error code 1
 
 Stop in /usr/src.
 
 
 
 Please advise.
 
 
 Jonathan
 
 > To: bug-followup@freebsd.org=3B lordsith49@hotmail.com
 > Subject: Re: ports/142198: SSLv3 failure with irc/xchat on FreeBSD 8.0
 > Date: Thu=2C 31 Dec 2009 15:31:40 -0600
 > From: mezz7@cox.net
 >=20
 > Searched in Google and found a fix in OpenSSL.
 >=20
 > http://marc.info/?l=3Dopenssl-cvs&m=3D124095946021321&w=3D2 (0.9.8 branch=
  w/out =20
 > comment)
 > http://marc.info/?l=3Dopenssl-cvs&m=3D124095943621291&w=3D2 (1.0.0 branch=
  w/ =20
 > comment)
 >=20
 > I have checkout latest of OpenSSL_0_9_8-stable branch in its CVS and =20
 > create a patch. Can you try to patch in your source tree by use this patc=
 h =20
 > below and see if it fixes this problem for you?
 >=20
 > http://people.freebsd.org/~mezz/diff/patch-crypto_openssl_ssl_t1_lib.c
 >=20
 > Cheers=2C
 > Mezz
 >=20
 >=20
 > --=20
 > mezz7@cox.net  -  mezz@FreeBSD.org
 > FreeBSD GNOME Team
 > http://www.FreeBSD.org/gnome/  -  gnome@FreeBSD.org
  		 	   		 =20
 _________________________________________________________________
 Hotmail: Free=2C trusted and rich email service.
 http://clk.atdmt.com/GBL/go/171222984/direct/01/=
 
 --_a95bad9d-6d06-4814-8e6f-a471a61687cc_
 Content-Type: text/html; charset="iso-8859-1"
 Content-Transfer-Encoding: quoted-printable
 
 <html>
 <head>
 <style><!--
 .hmmessage P
 {
 margin:0px=3B
 padding:0px
 }
 body.hmmessage
 {
 font-size: 10pt=3B
 font-family:Verdana
 }
 --></style>
 </head>
 <body class=3D'hmmessage'>
 Steps I took:<br><br>cd /usr/src<br>patch &lt=3B /path/to/patch-crypto_open=
 ssl_ssl_t1_lib.c<br>make buildworld<br><br>The following error occurred:<br=
 >cc -O2 -pipe -march=3Dprescott -DTERMIOS -DANSI_SOURCE -I/usr/src/secure/l=
 ib/libssl/../../../crypto/openssl -I/usr/src/secure/lib/libssl/../../../cry=
 pto/openssl/crypto -I/usr/obj/usr/src/secure/lib/libssl -DOPENSSL_THREADS -=
 DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_IDEA -DL_ENDIAN -DNO_IDEA -std=3Dgnu=
 99 -fstack-protector&nbsp=3B -c /usr/src/secure/lib/libssl/../../../crypto/=
 openssl/ssl/t1_enc.c<br>cc -O2 -pipe -march=3Dprescott -DTERMIOS -DANSI_SOU=
 RCE -I/usr/src/secure/lib/libssl/../../../crypto/openssl -I/usr/src/secure/=
 lib/libssl/../../../crypto/openssl/crypto -I/usr/obj/usr/src/secure/lib/lib=
 ssl -DOPENSSL_THREADS -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_IDEA -DL_ENDI=
 AN -DNO_IDEA -std=3Dgnu99 -fstack-protector&nbsp=3B -c /usr/src/secure/lib/=
 libssl/../../../crypto/openssl/ssl/t1_lib.c<br>/usr/src/secure/lib/libssl/.=
 ./../../crypto/openssl/ssl/t1_lib.c: In function 'ssl_add_clienthello_tlsex=
 t':<br>/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/t1_lib.c:138:=
  error: 'struct ssl3_state_st' has no member named 'send_connection_binding=
 '<br>/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/t1_lib.c: In fu=
 nction 'ssl_add_serverhello_tlsext':<br>/usr/src/secure/lib/libssl/../../..=
 /crypto/openssl/ssl/t1_lib.c:260: error: 'struct ssl3_state_st' has no memb=
 er named 'send_connection_binding'<br>*** Error code 1<br><br>Stop in /usr/=
 src/secure/lib/libssl.<br>*** Error code 1<br><br>Stop in /usr/src.<br>*** =
 Error code 1<br><br>Stop in /usr/src.<br>*** Error code 1<br><br>Stop in /u=
 sr/src.<br>*** Error code 1<br><br>Stop in /usr/src.<br><br><br><br>Please =
 advise.<br><br><br>Jonathan<br><br>&gt=3B To: bug-followup@freebsd.org=3B l=
 ordsith49@hotmail.com<br>&gt=3B Subject: Re: ports/142198: SSLv3 failure wi=
 th irc/xchat on FreeBSD 8.0<br>&gt=3B Date: Thu=2C 31 Dec 2009 15:31:40 -06=
 00<br>&gt=3B From: mezz7@cox.net<br>&gt=3B <br>&gt=3B Searched in Google an=
 d found a fix in OpenSSL.<br>&gt=3B <br>&gt=3B http://marc.info/?l=3Dopenss=
 l-cvs&amp=3Bm=3D124095946021321&amp=3Bw=3D2 (0.9.8 branch w/out  <br>&gt=3B=
  comment)<br>&gt=3B http://marc.info/?l=3Dopenssl-cvs&amp=3Bm=3D12409594362=
 1291&amp=3Bw=3D2 (1.0.0 branch w/  <br>&gt=3B comment)<br>&gt=3B <br>&gt=3B=
  I have checkout latest of OpenSSL_0_9_8-stable branch in its CVS and  <br>=
 &gt=3B create a patch. Can you try to patch in your source tree by use this=
  patch  <br>&gt=3B below and see if it fixes this problem for you?<br>&gt=
 =3B <br>&gt=3B http://people.freebsd.org/~mezz/diff/patch-crypto_openssl_ss=
 l_t1_lib.c<br>&gt=3B <br>&gt=3B Cheers=2C<br>&gt=3B Mezz<br>&gt=3B <br>&gt=
 =3B <br>&gt=3B -- <br>&gt=3B mezz7@cox.net  -  mezz@FreeBSD.org<br>&gt=3B F=
 reeBSD GNOME Team<br>&gt=3B http://www.FreeBSD.org/gnome/  -  gnome@FreeBSD=
 .org<br> 		 	   		  <br /><hr />Hotmail: Free=2C trusted and rich email ser=
 vice. <a href=3D'http://clk.atdmt.com/GBL/go/171222984/direct/01/' target=
 =3D'_new'>Get it now.</a></body>
 </html>=
 
 --_a95bad9d-6d06-4814-8e6f-a471a61687cc_--

From: "Jeremy Messenger" <mezz7@cox.net>
To: "Jonathan Call" <lordsith49@hotmail.com>, bug-followup@freebsd.org
Cc:  
Subject: Re: ports/142198: SSLv3 failure with irc/xchat on FreeBSD 8.0
Date: Wed, 06 Jan 2010 17:38:46 -0600

 On Mon, 04 Jan 2010 10:48:33 -0600, Jonathan Call <lordsith49@hotmail.com>  
 wrote:
 
 >
 > Steps I took:
 >
 > cd /usr/src
 > patch < /path/to/patch-crypto_openssl_ssl_t1_lib.c
 > make buildworld
 >
 > The following error occurred:
 <snip>
 >
 >
 >
 > Please advise.
 
 Ah, it means that I can't checkout latest version of 0.9.8 branch. So..  
 Let's follow this very same fix:
 
 http://marc.info/?l=openssl-cvs&m=124095946021321&w=2
 
 My other machine is on Windows 7 and I can't shut it down at the moment  
 (work related), so not able to update the patch. If you don't mind to edit  
 file and let me know the result will be cool.
 
 Thanks,
 Mezz
 
 > Jonathan
 >
 >> To: bug-followup@freebsd.org; lordsith49@hotmail.com
 >> Subject: Re: ports/142198: SSLv3 failure with irc/xchat on FreeBSD 8.0
 >> Date: Thu, 31 Dec 2009 15:31:40 -0600
 >> From: mezz7@cox.net
 >>
 >> Searched in Google and found a fix in OpenSSL.
 >>
 >> http://marc.info/?l=openssl-cvs&m=124095946021321&w=2 (0.9.8 branch  
 >> w/out
 >> comment)
 >> http://marc.info/?l=openssl-cvs&m=124095943621291&w=2 (1.0.0 branch w/
 >> comment)
 >>
 >> I have checkout latest of OpenSSL_0_9_8-stable branch in its CVS and
 >> create a patch. Can you try to patch in your source tree by use this  
 >> patch
 >> below and see if it fixes this problem for you?
 >>
 >> http://people.freebsd.org/~mezz/diff/patch-crypto_openssl_ssl_t1_lib.c
 >>
 >> Cheers,
 >> Mezz
 >>
 >>
 >> --
 >> mezz7@cox.net  -  mezz@FreeBSD.org
 >> FreeBSD GNOME Team
 >> http://www.FreeBSD.org/gnome/  -  gnome@FreeBSD.org
 
 
 -- 
 mezz7@cox.net  -  mezz@FreeBSD.org
 FreeBSD GNOME Team
 http://www.FreeBSD.org/gnome/  -  gnome@FreeBSD.org

From: Jonathan Call <lordsith49@hotmail.com>
To: <mezz7@cox.net>, <bug-followup@freebsd.org>
Cc:  
Subject: RE: ports/142198: SSLv3 failure with irc/xchat on FreeBSD 8.0
Date: Fri, 8 Jan 2010 12:21:52 -0700

 --_6c694d92-9cb1-43d9-a571-fe210179f3d3_
 Content-Type: text/plain; charset="iso-8859-1"
 Content-Transfer-Encoding: quoted-printable
 
 
 I applied that patch and after a 'make buildworld' and a 'make installworld=
 ' xchat now connects to an SSL enabled server without any errors.
 
 Jonathan
 
 > To: lordsith49@hotmail.com=3B bug-followup@freebsd.org
 > Subject: Re: ports/142198: SSLv3 failure with irc/xchat on FreeBSD 8.0
 > Date: Wed=2C 6 Jan 2010 17:38:46 -0600
 > From: mezz7@cox.net
 >=20
 > On Mon=2C 04 Jan 2010 10:48:33 -0600=2C Jonathan Call <lordsith49@hotmail=
 .com> =20
 > wrote:
 >=20
 > >
 > > Steps I took:
 > >
 > > cd /usr/src
 > > patch < /path/to/patch-crypto_openssl_ssl_t1_lib.c
 > > make buildworld
 > >
 > > The following error occurred:
 > <snip>
 > >
 > >
 > >
 > > Please advise.
 >=20
 > Ah=2C it means that I can't checkout latest version of 0.9.8 branch. So..=
  =20
 > Let's follow this very same fix:
 >=20
 > http://marc.info/?l=3Dopenssl-cvs&m=3D124095946021321&w=3D2
 >=20
 > My other machine is on Windows 7 and I can't shut it down at the moment =
 =20
 > (work related)=2C so not able to update the patch. If you don't mind to e=
 dit =20
 > file and let me know the result will be cool.
 >=20
 > Thanks=2C
 > Mezz
 >=20
 > > Jonathan
 > >
 > >> To: bug-followup@freebsd.org=3B lordsith49@hotmail.com
 > >> Subject: Re: ports/142198: SSLv3 failure with irc/xchat on FreeBSD 8.0
 > >> Date: Thu=2C 31 Dec 2009 15:31:40 -0600
 > >> From: mezz7@cox.net
 > >>
 > >> Searched in Google and found a fix in OpenSSL.
 > >>
 > >> http://marc.info/?l=3Dopenssl-cvs&m=3D124095946021321&w=3D2 (0.9.8 bra=
 nch =20
 > >> w/out
 > >> comment)
 > >> http://marc.info/?l=3Dopenssl-cvs&m=3D124095943621291&w=3D2 (1.0.0 bra=
 nch w/
 > >> comment)
 > >>
 > >> I have checkout latest of OpenSSL_0_9_8-stable branch in its CVS and
 > >> create a patch. Can you try to patch in your source tree by use this =
 =20
 > >> patch
 > >> below and see if it fixes this problem for you?
 > >>
 > >> http://people.freebsd.org/~mezz/diff/patch-crypto_openssl_ssl_t1_lib.c
 > >>
 > >> Cheers=2C
 > >> Mezz
 > >>
 > >>
 > >> --
 > >> mezz7@cox.net  -  mezz@FreeBSD.org
 > >> FreeBSD GNOME Team
 > >> http://www.FreeBSD.org/gnome/  -  gnome@FreeBSD.org
 >=20
 >=20
 > --=20
 > mezz7@cox.net  -  mezz@FreeBSD.org
 > FreeBSD GNOME Team
 > http://www.FreeBSD.org/gnome/  -  gnome@FreeBSD.org
  		 	   		 =20
 _________________________________________________________________
 Your E-mail and More On-the-Go. Get Windows Live Hotmail Free.
 http://clk.atdmt.com/GBL/go/196390709/direct/01/=
 
 --_6c694d92-9cb1-43d9-a571-fe210179f3d3_
 Content-Type: text/html; charset="iso-8859-1"
 Content-Transfer-Encoding: quoted-printable
 
 <html>
 <head>
 <style><!--
 .hmmessage P
 {
 margin:0px=3B
 padding:0px
 }
 body.hmmessage
 {
 font-size: 10pt=3B
 font-family:Verdana
 }
 --></style>
 </head>
 <body class=3D'hmmessage'>
 I applied that patch and after a 'make buildworld' and a 'make installworld=
 ' xchat now connects to an SSL enabled server without any errors.<br><br>Jo=
 nathan<br><br>&gt=3B To: lordsith49@hotmail.com=3B bug-followup@freebsd.org=
 <br>&gt=3B Subject: Re: ports/142198: SSLv3 failure with irc/xchat on FreeB=
 SD 8.0<br>&gt=3B Date: Wed=2C 6 Jan 2010 17:38:46 -0600<br>&gt=3B From: mez=
 z7@cox.net<br>&gt=3B <br>&gt=3B On Mon=2C 04 Jan 2010 10:48:33 -0600=2C Jon=
 athan Call &lt=3Blordsith49@hotmail.com&gt=3B  <br>&gt=3B wrote:<br>&gt=3B =
 <br>&gt=3B &gt=3B<br>&gt=3B &gt=3B Steps I took:<br>&gt=3B &gt=3B<br>&gt=3B=
  &gt=3B cd /usr/src<br>&gt=3B &gt=3B patch &lt=3B /path/to/patch-crypto_ope=
 nssl_ssl_t1_lib.c<br>&gt=3B &gt=3B make buildworld<br>&gt=3B &gt=3B<br>&gt=
 =3B &gt=3B The following error occurred:<br>&gt=3B &lt=3Bsnip&gt=3B<br>&gt=
 =3B &gt=3B<br>&gt=3B &gt=3B<br>&gt=3B &gt=3B<br>&gt=3B &gt=3B Please advise=
 .<br>&gt=3B <br>&gt=3B Ah=2C it means that I can't checkout latest version =
 of 0.9.8 branch. So..  <br>&gt=3B Let's follow this very same fix:<br>&gt=
 =3B <br>&gt=3B http://marc.info/?l=3Dopenssl-cvs&amp=3Bm=3D124095946021321&=
 amp=3Bw=3D2<br>&gt=3B <br>&gt=3B My other machine is on Windows 7 and I can=
 't shut it down at the moment  <br>&gt=3B (work related)=2C so not able to =
 update the patch. If you don't mind to edit  <br>&gt=3B file and let me kno=
 w the result will be cool.<br>&gt=3B <br>&gt=3B Thanks=2C<br>&gt=3B Mezz<br=
 >&gt=3B <br>&gt=3B &gt=3B Jonathan<br>&gt=3B &gt=3B<br>&gt=3B &gt=3B&gt=3B =
 To: bug-followup@freebsd.org=3B lordsith49@hotmail.com<br>&gt=3B &gt=3B&gt=
 =3B Subject: Re: ports/142198: SSLv3 failure with irc/xchat on FreeBSD 8.0<=
 br>&gt=3B &gt=3B&gt=3B Date: Thu=2C 31 Dec 2009 15:31:40 -0600<br>&gt=3B &g=
 t=3B&gt=3B From: mezz7@cox.net<br>&gt=3B &gt=3B&gt=3B<br>&gt=3B &gt=3B&gt=
 =3B Searched in Google and found a fix in OpenSSL.<br>&gt=3B &gt=3B&gt=3B<b=
 r>&gt=3B &gt=3B&gt=3B http://marc.info/?l=3Dopenssl-cvs&amp=3Bm=3D124095946=
 021321&amp=3Bw=3D2 (0.9.8 branch  <br>&gt=3B &gt=3B&gt=3B w/out<br>&gt=3B &=
 gt=3B&gt=3B comment)<br>&gt=3B &gt=3B&gt=3B http://marc.info/?l=3Dopenssl-c=
 vs&amp=3Bm=3D124095943621291&amp=3Bw=3D2 (1.0.0 branch w/<br>&gt=3B &gt=3B&=
 gt=3B comment)<br>&gt=3B &gt=3B&gt=3B<br>&gt=3B &gt=3B&gt=3B I have checkou=
 t latest of OpenSSL_0_9_8-stable branch in its CVS and<br>&gt=3B &gt=3B&gt=
 =3B create a patch. Can you try to patch in your source tree by use this  <=
 br>&gt=3B &gt=3B&gt=3B patch<br>&gt=3B &gt=3B&gt=3B below and see if it fix=
 es this problem for you?<br>&gt=3B &gt=3B&gt=3B<br>&gt=3B &gt=3B&gt=3B http=
 ://people.freebsd.org/~mezz/diff/patch-crypto_openssl_ssl_t1_lib.c<br>&gt=
 =3B &gt=3B&gt=3B<br>&gt=3B &gt=3B&gt=3B Cheers=2C<br>&gt=3B &gt=3B&gt=3B Me=
 zz<br>&gt=3B &gt=3B&gt=3B<br>&gt=3B &gt=3B&gt=3B<br>&gt=3B &gt=3B&gt=3B --<=
 br>&gt=3B &gt=3B&gt=3B mezz7@cox.net  -  mezz@FreeBSD.org<br>&gt=3B &gt=3B&=
 gt=3B FreeBSD GNOME Team<br>&gt=3B &gt=3B&gt=3B http://www.FreeBSD.org/gnom=
 e/  -  gnome@FreeBSD.org<br>&gt=3B <br>&gt=3B <br>&gt=3B -- <br>&gt=3B mezz=
 7@cox.net  -  mezz@FreeBSD.org<br>&gt=3B FreeBSD GNOME Team<br>&gt=3B http:=
 //www.FreeBSD.org/gnome/  -  gnome@FreeBSD.org<br> 		 	   		  <br /><hr />Y=
 our E-mail and More On-the-Go. Get Windows Live Hotmail Free. <a href=3D'ht=
 tp://clk.atdmt.com/GBL/go/196390709/direct/01/' target=3D'_new'>Sign up now=
 .</a></body>
 </html>=
 
 --_6c694d92-9cb1-43d9-a571-fe210179f3d3_--
Responsible-Changed-From-To: gnome->simon 
Responsible-Changed-By: mezz 
Responsible-Changed-When: Sun Jan 10 16:50:55 UTC 2010 
Responsible-Changed-Why:  
Change from ports to kern and gnome to simon, which it's a OpenSSL bug. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=142198 

From: "Jeremy Messenger" <mezz7@cox.net>
To: "Jonathan Call" <lordsith49@hotmail.com>, bug-followup@freebsd.org
Cc:  
Subject: Re: ports/142198: SSLv3 failure with irc/xchat on FreeBSD 8.0
Date: Sun, 10 Jan 2010 10:53:02 -0600

 On Fri, 08 Jan 2010 13:21:52 -0600, Jonathan Call <lordsith49@hotmail.com>  
 wrote:
 
 >
 > I applied that patch and after a 'make buildworld' and a 'make  
 > installworld' xchat now connects to an SSL enabled server without any  
 > errors.
 
 Thanks for tested it!
 
 Cheers,
 Mezz
 
 > Jonathan
 >
 >> To: lordsith49@hotmail.com; bug-followup@freebsd.org
 >> Subject: Re: ports/142198: SSLv3 failure with irc/xchat on FreeBSD 8.0
 >> Date: Wed, 6 Jan 2010 17:38:46 -0600
 >> From: mezz7@cox.net
 >>
 >> On Mon, 04 Jan 2010 10:48:33 -0600, Jonathan Call  
 >> <lordsith49@hotmail.com>
 >> wrote:
 >>
 >> >
 >> > Steps I took:
 >> >
 >> > cd /usr/src
 >> > patch < /path/to/patch-crypto_openssl_ssl_t1_lib.c
 >> > make buildworld
 >> >
 >> > The following error occurred:
 >> <snip>
 >> >
 >> >
 >> >
 >> > Please advise.
 >>
 >> Ah, it means that I can't checkout latest version of 0.9.8 branch. So..
 >> Let's follow this very same fix:
 >>
 >> http://marc.info/?l=openssl-cvs&m=124095946021321&w=2
 >>
 >> My other machine is on Windows 7 and I can't shut it down at the moment
 >> (work related), so not able to update the patch. If you don't mind to  
 >> edit
 >> file and let me know the result will be cool.
 >>
 >> Thanks,
 >> Mezz
 >>
 >> > Jonathan
 >> >
 >> >> To: bug-followup@freebsd.org; lordsith49@hotmail.com
 >> >> Subject: Re: ports/142198: SSLv3 failure with irc/xchat on FreeBSD  
 >> 8.0
 >> >> Date: Thu, 31 Dec 2009 15:31:40 -0600
 >> >> From: mezz7@cox.net
 >> >>
 >> >> Searched in Google and found a fix in OpenSSL.
 >> >>
 >> >> http://marc.info/?l=openssl-cvs&m=124095946021321&w=2 (0.9.8 branch
 >> >> w/out
 >> >> comment)
 >> >> http://marc.info/?l=openssl-cvs&m=124095943621291&w=2 (1.0.0 branch  
 >> w/
 >> >> comment)
 >> >>
 >> >> I have checkout latest of OpenSSL_0_9_8-stable branch in its CVS and
 >> >> create a patch. Can you try to patch in your source tree by use this
 >> >> patch
 >> >> below and see if it fixes this problem for you?
 >> >>
 >> >>  
 >> http://people.freebsd.org/~mezz/diff/patch-crypto_openssl_ssl_t1_lib.c
 >> >>
 >> >> Cheers,
 >> >> Mezz
 
 
 -- 
 mezz7@cox.net  -  mezz@FreeBSD.org
 FreeBSD GNOME Team
 http://www.FreeBSD.org/gnome/  -  gnome@FreeBSD.org

From: "Jeremy Messenger" <mezz7@cox.net>
To: bug-followup@freebsd.org, lordsith49@hotmail.com
Cc:  
Subject: Re: kern/142198: SSLv3 failure with irc/xchat on FreeBSD 8.0
Date: Sun, 10 Jan 2010 11:07:24 -0600

 Sometimes, PR isn't easy to follow up. Want to write a clean email at once  
 without trying to follow up in the PR.
 
 I have searched in Google. I get plenty of result from Linux distro that  
 have same error in different applications (not xchat alone). Most of them  
 have patched in their OpenSSL. I have found the fix in its CVS.
 
 http://marc.info/?l=openssl-cvs&m=124095946021321&w=2 (0.9.8 branch w/out  
 comment)
 http://marc.info/?l=openssl-cvs&m=124095943621291&w=2 (1.0.0 branch w/  
 comment)
 
 I have tried to checkout latest branch of OpenSSL_0_9_8-stable from its  
 CVS, but it changes a lot. I have gone head to create very same patch as  
 committed above URL. Jonathan Call has tested this patch and it works for  
 him to get xchat connects IRC server with SSL.
 
 Patch:  
 http://people.freebsd.org/~mezz/diff/patch-crypto_openssl_ssl_t1_lib.c
 
 It will be great if you can MFC to FreeBSD 8.x and 7.x if it possibles.  
 Another way without use patch above is to update the OpenSSL in base  
 system.
 
 Cheers,
 Mezz
 
 
 -- 
 mezz7@cox.net  -  mezz@FreeBSD.org
 FreeBSD GNOME Team
 http://www.FreeBSD.org/gnome/  -  gnome@FreeBSD.org
Responsible-Changed-From-To: simon->freebsd-bugs 
Responsible-Changed-By: simon 
Responsible-Changed-When: Mon Jun 3 13:50:12 UTC 2013 
Responsible-Changed-Why:  
Send PRs which I'm unlikely to look at back to the pool. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=142198 
>Unformatted:
