Received: from out1.migadu.com (out1.migadu.com [91.121.223.63]) by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id 91FE57810DA for <~alpine/devel@lists.alpinelinux.org>; Tue, 9 Aug 2022 09:03:29 +0000 (UTC) MIME-Version: 1.0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ayaya.dev; s=key1; t=1660035809; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ixk++9SNV3FrpruTi1X9eUACgvLYQmrINUXikhH37SY=; b=cLBN9wblBs6EEbfCn8QUh63grv87qUH2oY2KIvw/Wy6TMVJM0CiJ9vUZCcy8mq74M5u0cv u9k8ahlDBzy3q0dt1QjG0NMFjfbdwn5L3JipJOyj0IvZ/WatRJAKEr2qyCnSrN59kdYelO e2bskghXH2rhvxWZwYugabaCnZB9AYk= Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Tue, 09 Aug 2022 11:03:28 +0200 Message-Id: Cc: <~alpine/devel@lists.alpinelinux.org> Subject: Re: OpenSSL 3 pushed to git master X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: "alice" To: "Nico Schottelius" , =?utf-8?q?S=C3=B6ren_Tempel?= References: <20220803105631.77d1cc2c@ncopa-desktop.lan> <87iln2cxo3.fsf@ungleich.ch> <3SRKG6BGFL7KR.20SII8UE439WK@8pit.net> <87h72l7qy5.fsf@ungleich.ch> In-Reply-To: <87h72l7qy5.fsf@ungleich.ch> X-Migadu-Flow: FLOW_OUT X-Migadu-Auth-User: ayaya.dev On Tue Aug 9, 2022 at 10:34 AM CEST, Nico Schottelius wrote: > > Hey S=C3=B6ren, > > thanks a lot for the quick fix. I have just upgraded to 9.01-r2 and it > indeed fixes the problem, much appreciated - I can get back to work! note that the next upgrade to -r3 has this reverted again (back to openssl3)- you would need to edit the openssl.cnf after that. > > Sunny greetings from Switzerland, > > Nico > > S=C3=B6ren Tempel writes: > > > Hi Nico, > > > > I had a similar issue with isync recently where it would compile fine > > with OpenSSL 3 but ran into connection failures at run-time. I modified > > the openconnect aport to use OpenSSL 1.1 for now. This should hopefully > > fix your issue. If not, please open an issue in GitLab. > > > > See: https://git.alpinelinux.org/aports/commit/?id=3D0141a80a906bc45967= 0cd698dd452ee51a1b1f4a > > > > Greetings, > > S=C3=B6ren > > > > Nico Schottelius wrote: > >> > >> Hey Nate, > >> > >> is it possible that this upgrade broken openconnect? > >> > >> Since an apk upgrade -a on edge I am facing this one: > >> > >> ----------------------------------------------------------------------= ---------- > >> POST https://portal.somewhere.com/global-protect/prelogin.esp?tmp=3Dtm= p&clientVer=3D4100&clientos=3DLinux > >> Connected to [....]:443 > >> SSL negotiation with portal.techcorpapps.com > >> SSL connection failure > >> 9069B3F2667F0000:error:0A000152:SSL routines:final_renegotiate:unsafe = legacy renegotiation disabled:ssl/statem/extensions.c:879: > >> Failed to open HTTPS connection to portal.techcorpapps.com > >> Failed to complete authentication > >> ----------------------------------------------------------------------= ---------- > >> > >> Best, > >> > >> Nico > >> > >> > >> Natanael Copa writes: > >> > >> > Hi! > >> > > >> > I have pushed openssl3 to git master. > >> > > >> > Majority of the main and community packages built fine in my x86_64 = LXC. > >> > > >> > I was able to build approx half of the testing packages as well, but > >> > not all. > >> > > >> > There might be some packages that needs fixes still and it might tak= e > >> > another day before community repo is done. > >> > > >> > Sorry for the inconvenience. > >> > > >> > -nc > >> > >> > >> -- > >> Sustainable and modern Infrastructures by ungleich.ch > > > -- > Sustainable and modern Infrastructures by ungleich.ch