Received: from magnesium.8pit.net (magnesium.8pit.net [45.76.88.171]) by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id BFDD6780DD4 for <~alpine/devel@lists.alpinelinux.org>; Tue, 9 Aug 2022 07:21:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; s=opensmtpd; bh=qVvCuDwVaH rY/3xm5s1PsGmjBFnCjoaJeu93cYdlsZQ=; h=in-reply-to:references:from: subject:cc:to:date; d=soeren-tempel.net; b=Sdvg+iBII4FpMwlNduneXubGwfG QUVsgxuLcJ/2WqTciLHHUdk6MXvPS/MjZugeCs6l2N5yZwDjgBCYap3HY+MP8glnVQFI0B ayc38BpZXx+Ki8jK8qg2s9wc9XjPdYFPIOhTB5bRIQD8rb+18Qx/f+d9SxA1rl09c8tAWM Bhoc= Received: from localhost (ipb218e4db.dynamic.kabel-deutschland.de [178.24.228.219]) by magnesium.8pit.net (OpenSMTPD) with ESMTPSA id 82fb8e3a (TLSv1.3:TLS_AES_256_GCM_SHA384:256:YES); Tue, 9 Aug 2022 09:21:49 +0200 (CEST) Date: Tue, 09 Aug 2022 09:21:45 +0200 To: Nico Schottelius Cc: ~alpine/devel@lists.alpinelinux.org Subject: Re: OpenSSL 3 pushed to git master From: =?UTF-8?Q?S=C3=B6ren?= Tempel References: <20220803105631.77d1cc2c@ncopa-desktop.lan> <87iln2cxo3.fsf@ungleich.ch> In-Reply-To: <87iln2cxo3.fsf@ungleich.ch> Message-Id: <3SRKG6BGFL7KR.20SII8UE439WK@8pit.net> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi Nico, I had a similar issue with isync recently where it would compile fine with OpenSSL 3 but ran into connection failures at run-time. I modified the openconnect aport to use OpenSSL 1.1 for now. This should hopefully fix your issue. If not, please open an issue in GitLab. See: https://git.alpinelinux.org/aports/commit/?id=3D0141a80a906bc459670cd6= 98dd452ee51a1b1f4a Greetings, S=C3=B6ren Nico Schottelius wrote: >=20 > Hey Nate, >=20 > is it possible that this upgrade broken openconnect? >=20 > Since an apk upgrade -a on edge I am facing this one: >=20 > -------------------------------------------------------------------------= ------- > POST https://portal.somewhere.com/global-protect/prelogin.esp?tmp=3Dtmp&c= lientVer=3D4100&clientos=3DLinux > Connected to [....]:443 > SSL negotiation with portal.techcorpapps.com > SSL connection failure > 9069B3F2667F0000:error:0A000152:SSL routines:final_renegotiate:unsafe leg= acy renegotiation disabled:ssl/statem/extensions.c:879: > Failed to open HTTPS connection to portal.techcorpapps.com > Failed to complete authentication > -------------------------------------------------------------------------= ------- >=20 > Best, >=20 > Nico >=20 >=20 > Natanael Copa writes: >=20 > > Hi! > > > > I have pushed openssl3 to git master. > > > > Majority of the main and community packages built fine in my x86_64 LXC= =2E > > > > I was able to build approx half of the testing packages as well, but > > not all. > > > > There might be some packages that needs fixes still and it might take > > another day before community repo is done. > > > > Sorry for the inconvenience. > > > > -nc >=20 >=20 > -- > Sustainable and modern Infrastructures by ungleich.ch