getaddrinfo failed: Servname not supported for ai_socktype

Matthew Kitchin (public/usenet) mkitchin.public at gmail.com
Sat Aug 7 15:27:10 EDT 2010


  On 8/7/2010 1:33 PM, David Woodhouse wrote:
>
> If you're going to do any serious testing, I would advise that you fix
> this first:
>
> On Fri, 2010-08-06 at 23:25 -0500, Matthew Kitchin (public/usenet) wrote:
>> SSL_set_session() failed with old protocol version 0x100
>> Are you using a version of OpenSSL older than 0.9.8m?
>> See http://rt.openssl.org/Ticket/Display.html?id=1751
>> Use the --no-dtls command line option to avoid this message
>> Set up DTLS failed; using SSL instead
> As it is you're going to be using TCP instead of UDP, with all the
> associated TCP-over-TCP problems if you have any kind of packet loss on
> the underlying link between you and your VPN server.
>
> You'd do better using a more modern distribution like Fedora for your
> testing -- everything should Just Work™ out of the box.
>
> Failing that, rebuild openconnect so it statically links against a more
> recent version of OpenSSL. Or just be aware of the issue, and how it may
> affect certain aspects of your testing.
>
[root at VM-MKLinux script]# openssl version
OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
I guess I missed it by a few letters. I will upgrade openssl on my 
CentOS box. The version I have seems to be the most recent in the Yum 
repository.... I will get the newest manually.
OpenWRT looks like it runs openssl-util_0.9.8m-3_ar71xx.ipk  so I should 
be ok if/when I get to that point.



More information about the openconnect-devel mailing list