Running curl with OpenSSL 0.9.8 against OpenSSL 1.0.0 server causes handshake error?

Question

If I run curl against a machine that is running OpenSSL 1.0.0e for example:

curl -v https://shumaker.flexrentalsolutions.com

on a machine that is running OpenSSL 0.9.8r I get the following error:

About to connect() to shumaker.flexrentalsolutions.com port 443 (#0)
*   Trying 50.112.122.15... connected
* Connected to shumaker.flexrentalsolutions.com (50.112.122.15) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)
* Closing connection #0

If I run the same curl command on a machine that is running OpenSSL 1.0.0e the command completes without any problem.

It appears the handshake is not completing properly, apparently due to some incompatibility between the two OpenSSL versions.

Any idea how to fix this?

Answer 1

If you set the openssl version in the protocol, it works:

For the command line:

curl -v -3 https://shumaker.flexrentalsolutions.com

If in php:

curl_setopt($ch, CURLOPT_SSLVERSION,3);

Answer 2

This is an (OpenSSL) bug that's still open. Details have been posted in this curl bug report.

Further details was posted to OpenSSL-dev by "mancha".