Hi, And thanks for digging… Kurt Roeckx <kurt@roeckx.be> (2019-04-04): > On Thu, Apr 04, 2019 at 12:07:37AM +0200, Kurt Roeckx wrote: > > On Wed, Apr 03, 2019 at 11:57:12PM +0200, Kurt Roeckx wrote: > > > On Wed, Apr 03, 2019 at 11:23:19PM +0200, Cyril Brulebois wrote: > > > > 1726 write(2, "Disabling SSL due to encountered errors.\n", 41) = 41 > > > > > > wget in buster actually seems to be linked to gnutls, and trying > > > other applications just seem to work without config file. > > > > So I can reproduce this with the tag OpenSSL_1_1_1b, it's fixed in > > the current OpenSSL_1_1_1-stable branch ... > > So the commit that fixes it is: > commit 9933d4a06bd0a0b5b757f072944e8cd54d4bddd3 > Author: Richard Levitte <levitte@openssl.org> > Date: Wed Mar 20 10:18:13 2019 +0100 > > OPENSSL_config(): restore error agnosticism > > Great effort has been made to make initialization more configurable. > However, the behavior of OPENSSL_config() was lost in the process, > having it suddenly generate errors it didn't previously, which is not > how it's documented to behave. > > A simple setting of default flags fixes this problem. > > Fixes #8528 > > Reviewed-by: Matt Caswell <matt@openssl.org> > (Merged from https://github.com/openssl/openssl/pull/8533) > > (cherry picked from commit 905c9a72a708701597891527b422c7f374125c52) > > The one that broke it was the one I pointed out earlier. Would it be helpful if I were to rebuild openssl with that patch and double check what happens with its updated udebs? Cheers, -- Cyril Brulebois (kibi@debian.org) <https://debamax.com/> D-I release manager -- Release team member -- Freelance Consultant
Attachment:
signature.asc
Description: PGP signature