Code: Alles auswählen
WARNING: cannot connect to dynupdate.no-ip.com:443 socket: SSL Version SSLv2 not supported error:00000000:lib(0):func(0):reason(0)
FAILED: updating All: Could not connect to dynupdate.no-ip.com/nic/update.
regards,
ddclient@SheevaPlug (version 3.8.0)
libnss3 zu tun?(2013-05)Workaround:
add SSL_version => 'SSLv3',
in ddclient at line before 1888 (where IO::Socket::SSL is created).
Code: Alles auswählen
# grep IO::Socket::SSL ddclient -n -C5
...
...
--
1878- $0 = sprintf("%s - connecting to %s port %s", $program, $peer, $port);
1879- if (! opt('exec')) {
1880- debug("skipped network connection");
1881- verbose("SENDING:", "%s", $request);
1882- } elsif ($use_ssl) {
1883: $sd = IO::Socket::SSL->new(
1884- PeerAddr => $peer,
1885- PeerPort => $port,
1886- Proto => 'tcp',
1887- MultiHomed => 1,
1888- Timeout => opt('timeout'),
1889- );
1890: defined $sd or warning("cannot connect to $peer:$port socket: $@ " . IO::Socket::SSL::errstr());
Also eher sowas?# man IO::Socket::SSL | grep SSL_version -A10
SSL_version
Sets the version of the SSL protocol used to transmit data. 'SSLv23' auto-negotiates
between SSLv2 and SSLv3, while 'SSLv2', 'SSLv3' or 'TLSv1' restrict the protocol to
the specified version. All values are case-insensitive.
You can limit to set of supported protocols by adding !version separated by ':'.
The default SSL_version is 'SSLv23:!SSLv2' which means, that SSLv2, SSLv3 and TLSv1
are supported for initial protocol handshakes, but SSLv2 will not be accepted,
leaving only SSLv3 and TLSv1. You can also use !TLSv11 and !TLSv12 to disable TLS
versions 1.1 and 1.2 while allowing TLS version 1.0.
Setting the version instead to 'TLSv1' will probably break interaction with lots of
clients which start with SSLv2 and then upgrade to TLSv1. On the other side some
clients just close the connection when they receive a TLS version 1.1 request. In
this case setting the version to 'SSLv23:!SSLv2:!TLSv11:!TLSv12' might help.
Code: Alles auswählen
SSL_version => '!SSLv2'