From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!.POSTED!not-for-mail
From: Bob Proulx <bob@proulx.com>
Newsgroups: gmane.emacs.help
Subject: Re: w3m SSL handling error
Date: Mon, 17 Oct 2016 13:08:03 -0600
Message-ID: <20161017125340282252917@bob.proulx.com>
References: <87insr1kfy.fsf@ram.bvr.dp.lan>
	<20161017030047852203188@bob.proulx.com>
	<87lgxnjgua.fsf@ram.bvr.dp.lan>
NNTP-Posting-Host: blaine.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: blaine.gmane.org 1476731811 16177 195.159.176.226 (17 Oct 2016 19:16:51 GMT)
X-Complaints-To: usenet@blaine.gmane.org
NNTP-Posting-Date: Mon, 17 Oct 2016 19:16:51 +0000 (UTC)
User-Agent: NeoMutt/20161014 (1.7.1)
Cc: help-gnu-emacs@gnu.org
To: "B.V. Raghav" <bvraghav@iitk.ac.in>
Original-X-From: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Mon Oct 17 21:16:43 2016
Return-path: <help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org>
Envelope-to: geh-help-gnu-emacs@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by blaine.gmane.org with esmtp (Exim 4.84_2)
	(envelope-from <help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org>)
	id 1bwDOU-0000Q7-Rh
	for geh-help-gnu-emacs@m.gmane.org; Mon, 17 Oct 2016 21:16:18 +0200
Original-Received: from localhost ([::1]:35269 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org>)
	id 1bwDOW-0006e5-Of
	for geh-help-gnu-emacs@m.gmane.org; Mon, 17 Oct 2016 15:16:20 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:45306)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <bob@proulx.com>) id 1bwDGb-00083L-0c
	for help-gnu-emacs@gnu.org; Mon, 17 Oct 2016 15:08:14 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <bob@proulx.com>) id 1bwDGW-0003dn-Ll
	for help-gnu-emacs@gnu.org; Mon, 17 Oct 2016 15:08:08 -0400
Original-Received: from havoc.proulx.com ([96.88.95.61]:39219)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <bob@proulx.com>) id 1bwDGW-0003dh-GU
	for help-gnu-emacs@gnu.org; Mon, 17 Oct 2016 15:08:04 -0400
Original-Received: from joseki.proulx.com (localhost [127.0.0.1])
	by havoc.proulx.com (Postfix) with ESMTP id ABC7211D;
	Mon, 17 Oct 2016 13:08:03 -0600 (MDT)
Original-Received: from hysteria.proulx.com (hysteria.proulx.com [192.168.230.119])
	by joseki.proulx.com (Postfix) with ESMTP id 6E574217E4;
	Mon, 17 Oct 2016 13:08:03 -0600 (MDT)
Original-Received: by hysteria.proulx.com (Postfix, from userid 1000)
	id 6302E2DC5F; Mon, 17 Oct 2016 13:08:03 -0600 (MDT)
Mail-Followup-To: "B.V. Raghav" <bvraghav@iitk.ac.in>, help-gnu-emacs@gnu.org
Content-Disposition: inline
In-Reply-To: <87lgxnjgua.fsf@ram.bvr.dp.lan>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 96.88.95.61
X-BeenThere: help-gnu-emacs@gnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: Users list for the GNU Emacs text editor <help-gnu-emacs.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/help-gnu-emacs>,
	<mailto:help-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/help-gnu-emacs/>
List-Post: <mailto:help-gnu-emacs@gnu.org>
List-Help: <mailto:help-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/help-gnu-emacs>,
	<mailto:help-gnu-emacs-request@gnu.org?subject=subscribe>
Errors-To: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org
Original-Sender: "help-gnu-emacs"
	<help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org>
Xref: news.gmane.org gmane.emacs.help:111552
Archived-At: <http://permalink.gmane.org/gmane.emacs.help/111552>

B.V. Raghav wrote:
> Bob Proulx writes:
> > Here are some ideas.  What system are you operating from?  You didn't
> > say.  It is an xterm so I might assume some generic GNU/Linux system.
> 
> I am running on Debian stretch/sid. 

Me too.  It works okay for me from Debian Sid fully updated.  It also
works for me on Debian Jessie 8 Stable.

> > How up to date is it?  The error reminds me of other errors I have
> > seen when the client system is old enough that it only supports SSLv3
> > connecting to a web server that no longer supports SSLv3 anymore.
> 
> I dont know how to watch a network while some process is connecting to
> it. Please tell me I will do so.

I think your system may be in an unhappy state.  This is probably a
topic for debian-user but...  Unless someone complains let's just keep
going here.

You later say you are running behind a network wide proxy which I
think is likely the problem.  But first let's start with your system
anyway.  I tend to inspect these things from several different
viewpoints all at once and then something wrong appears that can be
fixed.  Please inspect with (on my Debian Sid system for example).
Following are a few commands and example output shown from my system.
Then later down I will ask about the network proxy.

  ldd -d -r /usr/bin/w3m
	linux-vdso.so.1 (0x00007ffcacdfa000)
	libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f008f1b8000)
	libgc.so.1 => /usr/lib/x86_64-linux-gnu/libgc.so.1 (0x00007f008ef48000)
	libssl.so.1.0.2 => /usr/lib/x86_64-linux-gnu/libssl.so.1.0.2 (0x00007f008ecde000)
	libcrypto.so.1.0.2 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2 (0x00007f008e87a000)
	libgpm.so.2 => /usr/lib/x86_64-linux-gnu/libgpm.so.2 (0x00007f008e674000)
	libtinfo.so.5 => /lib/x86_64-linux-gnu/libtinfo.so.5 (0x00007f008e448000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f008e0aa000)
	/lib64/ld-linux-x86-64.so.2 (0x000056338d052000)
	libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f008de8d000)
	libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f008dc89000)

In the above I see that w3m is linking against libssl.so.1.0.2 =>
/usr/lib/x86_64-linux-gnu/libssl.so.1.0.2 which is in the libssl1.0.2
package.

  dpkg -S /usr/lib/x86_64-linux-gnu/libssl.so.1.0.2
    libssl1.0.2:amd64: /usr/lib/x86_64-linux-gnu/libssl.so.1.0.2

  apt-cache policy w3m
    w3m:
      Installed: 0.5.3-31
      Candidate: 0.5.3-31
      Version table:
     *** 0.5.3-31 500
            500 http://ftp.us.debian.org/debian sid/main amd64 Packages
            100 /var/lib/dpkg/status
         0.5.3-29 500
            500 http://ftp.us.debian.org/debian testing/main amd64 Packages

  apt-cache policy libssl1.0.2
    libssl1.0.2:
      Installed: 1.0.2j-1
      Candidate: 1.0.2j-1
      Version table:
     *** 1.0.2j-1 500
            500 http://ftp.us.debian.org/debian sid/main amd64 Packages
            500 http://ftp.us.debian.org/debian testing/main amd64 Packages
            100 /var/lib/dpkg/status

That is from Debian Sid today and fully updated.  I am hoing that your
system will show different version numbers.  I am in the US and using
the US mirror but I expect your mirror will be different which is
okay.  The versions of the packages should be the same however.

> > Looking at the handshake connecting to it I see that it only supports
> > TLS v1.1 and v1.2.  I am rather expect that your client might not be
> > supporting one of those two protocols.
> 
> I am running behind network-wide proxy, with auth. So I use delegate
> server to create a local proxy server that takes care of auth over the
> clients that do not support auth.
> 
> When I do `netstat -tc', what I see is multiple instances of
> `localhost:PORT' which happens to be my local PROXY_SERVER:PORT

The above waves flags and rings alarm bells in my head as likely to be
related to the problem because it is right in the middle of
everything.  This is a complicated process and I suspect it of being
the problem.

Unfortunately I don't know how to test your proxy.  Perhaps someone
else will know how to inspect it and test it for proper working.
Can you bypass your proxy and connect directly in order to test your
software configuration?

Bob