Skip to main content

SSLV3_ALERT_HANDSHAKE_FAILURE from dev-libs/openssl[bindist]

Hi! On a rather young Gentoo setup of mine I ran into SSLV3_ALERT_HANDSHAKE_FAILURE from rss2email. Plain Python showed it, too:

# python -c "import urllib2; \
    urllib2.urlopen('')" \
    |& tail -n 1
urllib2.URLError: <urlopen error [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] \
    sslv3 alert handshake failure (_ssl.c:581)>

On other machines this yields

urllib2.HTTPError: HTTP Error 403: Forbidden

instead. It turned out I overlooked USE="bindist ..." in /etc/portage/make.conf which is sitting there by default. On OpenSSL, bindist disables elliptic curve support. So that is where the SSLV3_ALERT_HANDSHAKE_FAILURE came from.