On Tue, Jul 17, 2018 at 7:04 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
Magnus Hagander <magnus@hagander.net> writes: > On Tue, Jul 17, 2018 at 7:28 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote: >>> My buildfarm animals dromedary and prairiedog have been failing since >>> around 9AM EDT on Sunday. ... Have we done something recently to create >>> an incompatibility with old SSL stacks?
> We also changed some of the server setup so there is now a haproxy that's > doing the SSL termination. So there is probably a slightly different > configuration of available SSL algorithms and such as well. It might be > either one of those two, both changes happened not too far apart on that > day.
Hm. Closer investigation suggests that there's something else wrong. While, as I said, curl works for non-SSL connections:
OK, that's just weird. It's failing to connect on port *80* with a "No route to host" error? That sounds more like it would be on a network layer?
I could understand many weird errors on it, but no route to host seems extremely weird. Almost indicates it would be connecting to the wrong IP.
That's on dromedary's host with perl 5.10.0. Even weirder, it *does* work on prairiedog's host with perl 5.8.3. I think that the latter installation is newer and hence may have newer copies of some CPAN-supplied modules, but I'm not sure how to debug further.
Also, on prairiedog's host, this is what I get for the https case: