Version 3.0.0-beta2 (my own build) cannot connect to some server, says "unsafe legacy renegotiation disabled":
$ ./openssl version
OpenSSL 3.0.0-beta2 29 Jul 2021 (Library: OpenSSL 3.0.0-beta2 29 Jul 2021)
$ ./openssl s_client -connect api.dmc.nico:443 -no_renegotiation -debug </dev/null
CONNECTED(00000003)
write to 0x562d1a91e2c0 [0x562d1a92d600] (318 bytes => 318 (0x13E))
0000 - 16 03 01 01 39 01 00 01-35 03 03 03 0d e9 fb a1 ....9...5.......
0010 - f2 36 e5 1a 60 c1 98 a7-57 63 d2 7c 12 ad 28 97 .6..`...Wc.|..(.
0020 - 56 1f 6a d9 1f 99 d6 28-76 9f 47 20 36 71 76 b9 V.j....(v.G 6qv.
0030 - 80 00 7e 63 fb e0 9b 25-59 8f 3f 44 9c 98 b1 e1 ..~c...%Y.?D....
0040 - 5e 92 12 74 b0 ce 65 eb-b9 d8 83 dd 00 3e 13 02 ^..t..e......>..
0050 - 13 03 13 01 c0 2c c0 30-00 9f cc a9 cc a8 cc aa .....,.0........
0060 - c0 2b c0 2f 00 9e c0 24-c0 28 00 6b c0 23 c0 27 .+./...$.(.k.#.'
0070 - 00 67 c0 0a c0 14 00 39-c0 09 c0 13 00 33 00 9d .g.....9.....3..
0080 - 00 9c 00 3d 00 3c 00 35-00 2f 00 ff 01 00 00 ae ...=.<.5./......
0090 - 00 00 00 11 00 0f 00 00-0c 61 70 69 2e 64 6d 63 .........api.dmc
00a0 - 2e 6e 69 63 6f 00 0b 00-04 03 00 01 02 00 0a 00 .nico...........
00b0 - 16 00 14 00 1d 00 17 00-1e 00 19 00 18 01 00 01 ................
00c0 - 01 01 02 01 03 01 04 00-23 00 00 00 16 00 00 00 ........#.......
00d0 - 17 00 00 00 0d 00 2a 00-28 04 03 05 03 06 03 08 ......*.(.......
00e0 - 07 08 08 08 09 08 0a 08-0b 08 04 08 05 08 06 04 ................
00f0 - 01 05 01 06 01 03 03 03-01 03 02 04 02 05 02 06 ................
0100 - 02 00 2b 00 09 08 03 04-03 03 03 02 03 01 00 2d ..+............-
0110 - 00 02 01 01 00 33 00 26-00 24 00 1d 00 20 3e 78 .....3.&.$... >x
0120 - 1e e6 39 55 98 91 fd 4b-9e 50 c8 b2 1c a7 0b 96 ..9U...K.P......
0130 - 20 f6 15 76 78 fb 7a 3d-0f a0 22 5b 02 1f ..vx.z=.."[..
read from 0x562d1a91e2c0 [0x562d1a924313] (5 bytes => 5 (0x5))
0000 - 16 03 03 0a bb .....
read from 0x562d1a91e2c0 [0x562d1a924318] (2747 bytes => 2747 (0xABB))
0000 - 02 00 00 4e 03 03 61 12-67 3d 04 49 70 56 c6 14 ...N..a.g=.IpV..
0010 - 02 67 d8 d1 7b 3b 7e 7b-d6 42 aa 20 77 b8 8c a9 .g..{;~{.B. w...
0020 - 99 01 70 e8 df 37 20 d2-e5 d0 34 97 d4 67 66 e4 ..p..7 ...4..gf.
0030 - 19 fe 25 c8 76 0a 47 44-32 08 3e ea 16 dd fd 02 ..%.v.GD2.>.....
0040 - 59 58 04 d7 cf 98 b8 c0-2f 00 00 06 00 0b 00 02 YX....../.......
0050 - 01 00 0b 00 0a 65 00 0a-62 00 06 0a 30 82 06 06 .....e..b...0...
0060 - 30 82 04 ee a0 03 02 01-02 02 0c 0d b3 b9 e0 d8 0...............
0070 - 72 45 e1 71 bb 63 d3 30-0d 06 09 2a 86 48 86 f7 rE.q.c.0...*.H..
0080 - 0d 01 01 0b 05 00 30 50-31 0b 30 09 06 03 55 04 ......0P1.0...U.
0090 - 06 13 02 42 45 31 19 30-17 06 03 55 04 0a 13 10 ...BE1.0...U....
00a0 - 47 6c 6f 62 61 6c 53 69-67 6e 20 6e 76 2d 73 61 GlobalSign nv-sa
00b0 - 31 26 30 24 06 03 55 04-03 13 1d 47 6c 6f 62 61 1&0$..U....Globa
00c0 - 6c 53 69 67 6e 20 52 53-41 20 4f 56 20 53 53 4c lSign RSA OV SSL
00d0 - 20 43 41 20 32 30 31 38-30 1e 17 0d 32 31 30 31 CA 20180...2101
00e0 - 30 38 31 32 32 36 31 38-5a 17 0d 32 32 30 31 33 08122618Z..22013
00f0 - 31 31 34 35 39 35 39 5a-30 5e 31 0b 30 09 06 03 1145959Z0^1.0...
0100 - 55 04 06 13 02 4a 50 31-0e 30 0c 06 03 55 04 08 U....JP1.0...U..
0110 - 13 05 54 6f 6b 79 6f 31-10 30 0e 06 03 55 04 07 ..Tokyo1.0...U..
0120 - 13 07 43 68 75 6f 2d 6b-75 31 18 30 16 06 03 55 ..Chuo-ku1.0...U
0130 - 04 0a 13 0f 44 57 41 4e-47 4f 20 43 6f 2e 2c 4c ....DWANGO Co.,L
0140 - 74 64 2e 31 13 30 11 06-03 55 04 03 0c 0a 2a 2e td.1.0...U....*.
0150 - 64 6d 63 2e 6e 69 63 6f-30 82 01 22 30 0d 06 09 dmc.nico0.."0...
0160 - 2a 86 48 86 f7 0d 01 01-01 05 00 03 82 01 0f 00 *.H.............
0170 - 30 82 01 0a 02 82 01 01-00 da ab 59 0b 37 3a 72 0..........Y.7:r
0180 - 21 ad 2b 45 ae fc 85 5d-c5 a5 69 f2 34 9f 78 14 !.+E...]..i.4.x.
0190 - 42 cd 15 fe 42 06 33 dd-78 c2 53 0d 1a 70 fe 0d B...B.3.x.S..p..
01a0 - 2a 2f b9 ec 5b e9 6c 4a-c1 96 04 5c 63 65 30 54 */..[.lJ...\ce0T
01b0 - df 79 de 2f a0 08 c2 54-29 34 e5 97 38 5e 44 43 .y./...T)4..8^DC
01c0 - b2 c8 03 24 85 5d fa 55-ae 78 ab a8 3b 53 49 57 ...$.].U.x..;SIW
01d0 - bc ec f8 03 41 43 c3 b3-38 fe 76 81 28 8f 4d 8a ....AC..8.v.(.M.
01e0 - 67 47 06 a8 1c e4 a9 a6-3f 6a 61 22 bc d3 60 a2 gG......?ja"..`.
01f0 - 8d 1e 8a ac 94 9c d3 fd-46 e1 3a f5 f3 9c 74 fe ........F.:...t.
0200 - c5 59 6e 42 e1 3c 7a d7-26 24 0b 24 dd bc 4e 69 .YnB.<z.&$.$..Ni
0210 - 32 c6 7e b8 d2 96 16 c2-a0 9d fc ea d6 3a ba dc 2.~..........:..
0220 - 6a d1 5a f4 f3 1e 10 a7-5e 35 a3 6a 3c 4b 6e 32 j.Z.....^5.j<Kn2
0230 - 77 4a da 73 5a 1f ad e7-54 64 e6 7b 7f 46 22 a7 wJ.sZ...Td.{.F".
0240 - 05 ea 26 15 58 02 06 d9-44 49 6a 93 7a 9c df a9 ..&.X...DIj.z...
0250 - 40 8f f6 28 6c 23 45 c3-7a 72 dd b2 4f a2 df 57 @..(l#E.zr..O..W
0260 - 1d a4 6a 3e de 1c 03 33-56 7e 24 22 9f 51 f7 76 ..j>...3V~$".Q.v
0270 - 46 d8 28 da d5 aa 32 61-c5 02 03 01 00 01 a3 82 F.(...2a........
0280 - 02 d0 30 82 02 cc 30 0e-06 03 55 1d 0f 01 01 ff ..0...0...U.....
0290 - 04 04 03 02 05 a0 30 81-8e 06 08 2b 06 01 05 05 ......0....+....
02a0 - 07 01 01 04 81 81 30 7f-30 44 06 08 2b 06 01 05 ......0.0D..+...
02b0 - 05 07 30 02 86 38 68 74-74 70 3a 2f 2f 73 65 63 ..0..8http://sec
02c0 - 75 72 65 2e 67 6c 6f 62-61 6c 73 69 67 6e 2e 63 ure.globalsign.c
02d0 - 6f 6d 2f 63 61 63 65 72-74 2f 67 73 72 73 61 6f om/cacert/gsrsao
02e0 - 76 73 73 6c 63 61 32 30-31 38 2e 63 72 74 30 37 vsslca2018.crt07
02f0 - 06 08 2b 06 01 05 05 07-30 01 86 2b 68 74 74 70 ..+.....0..+http
0300 - 3a 2f 2f 6f 63 73 70 2e-67 6c 6f 62 61 6c 73 69 ://ocsp.globalsi
0310 - 67 6e 2e 63 6f 6d 2f 67-73 72 73 61 6f 76 73 73 gn.com/gsrsaovss
0320 - 6c 63 61 32 30 31 38 30-56 06 03 55 1d 20 04 4f lca20180V..U. .O
0330 - 30 4d 30 41 06 09 2b 06-01 04 01 a0 32 01 14 30 0M0A..+.....2..0
0340 - 34 30 32 06 08 2b 06 01-05 05 07 02 01 16 26 68 402..+........&h
0350 - 74 74 70 73 3a 2f 2f 77-77 77 2e 67 6c 6f 62 61 ttps://www.globa
0360 - 6c 73 69 67 6e 2e 63 6f-6d 2f 72 65 70 6f 73 69 lsign.com/reposi
0370 - 74 6f 72 79 2f 30 08 06-06 67 81 0c 01 02 02 30 tory/0...g.....0
0380 - 09 06 03 55 1d 13 04 02-30 00 30 3f 06 03 55 1d ...U....0.0?..U.
0390 - 1f 04 38 30 36 30 34 a0-32 a0 30 86 2e 68 74 74 ..80604.2.0..htt
03a0 - 70 3a 2f 2f 63 72 6c 2e-67 6c 6f 62 61 6c 73 69 p://crl.globalsi
03b0 - 67 6e 2e 63 6f 6d 2f 67-73 72 73 61 6f 76 73 73 gn.com/gsrsaovss
03c0 - 6c 63 61 32 30 31 38 2e-63 72 6c 30 1f 06 03 55 lca2018.crl0...U
03d0 - 1d 11 04 18 30 16 82 0a-2a 2e 64 6d 63 2e 6e 69 ....0...*.dmc.ni
03e0 - 63 6f 82 08 64 6d 63 2e-6e 69 63 6f 30 1d 06 03 co..dmc.nico0...
03f0 - 55 1d 25 04 16 30 14 06-08 2b 06 01 05 05 07 03 U.%..0...+......
0400 - 01 06 08 2b 06 01 05 05-07 03 02 30 1f 06 03 55 ...+.......0...U
0410 - 1d 23 04 18 30 16 80 14-f8 ef 7f f2 cd 78 67 a8 .#..0........xg.
0420 - de 6f 8f 24 8d 88 f1 87-03 02 b3 eb 30 1d 06 03 .o.$........0...
0430 - 55 1d 0e 04 16 04 14 e5-f3 2e 56 50 d8 6c 84 81 U.........VP.l..
0440 - 36 86 16 f3 fa d0 0b ad-4d ee a6 30 82 01 03 06 6.......M..0....
0450 - 0a 2b 06 01 04 01 d6 79-02 04 02 04 81 f4 04 81 .+.....y........
0460 - f1 00 ef 00 75 00 29 79-be f0 9e 39 39 21 f0 56 ....u.)y...99!.V
0470 - 73 9f 63 a5 77 e5 be 57-7d 9c 60 0a f8 f9 4d 5d s.c.w..W}.`...M]
0480 - 26 5c 25 5d c7 84 00 00-01 76 e1 f6 49 ce 00 00 &\%].....v..I...
0490 - 04 03 00 46 30 44 02 20-1d 3d 36 54 08 41 c9 a4 ...F0D. .=6T.A..
04a0 - 64 7f 0f 30 80 2b 93 e8-69 cf 0b 7c 7d 92 4e bd d..0.+..i..|}.N.
04b0 - d9 76 4b 0a c8 df 6a ce-02 20 53 e6 b3 2b 0c ad .vK...j.. S..+..
04c0 - b0 c5 95 b7 b3 14 e2 95-24 6e aa 90 c3 68 a0 37 ........$n...h.7
04d0 - 30 3b 5f 4c 12 e4 c5 5e-86 aa 00 76 00 55 81 d4 0;_L...^...v.U..
04e0 - c2 16 90 36 01 4a ea 0b-9b 57 3c 53 f0 c0 e4 38 ...6.J...W<S...8
04f0 - 78 70 25 08 17 2f a3 aa-1d 07 13 d3 0c 00 00 01 xp%../..........
0500 - 76 e1 f6 46 d6 00 00 04-03 00 47 30 45 02 20 5a v..F......G0E. Z
0510 - 10 88 82 61 20 d7 33 1e-d7 74 92 12 93 19 8e 54 ...a .3..t.....T
0520 - 56 fe d1 86 1a e5 e7 83-2e c5 5d 14 08 ba 36 02 V.........]...6.
0530 - 21 00 88 99 1e e0 ba f1-6c f3 07 02 64 06 7f 38 !.......l...d..8
0540 - 01 91 6c f0 f2 19 7c a7-be 33 f1 03 d0 1e 57 36 ..l...|..3....W6
0550 - 92 77 30 0d 06 09 2a 86-48 86 f7 0d 01 01 0b 05 .w0...*.H.......
0560 - 00 03 82 01 01 00 6f 0f-a7 45 d0 13 bb e3 c9 14 ......o..E......
0570 - d8 f6 4c c0 13 69 69 0d-11 6d 87 b5 ec 42 8d 62 ..L..ii..m...B.b
0580 - 5f b4 0d 72 c9 62 13 09-85 dd 57 da df 95 a8 20 _..r.b....W....
0590 - 2d 46 83 54 9d 83 5c fe-e5 f0 60 05 12 01 9d 17 -F.T..\...`.....
05a0 - a7 88 15 36 7c 08 b1 31-f1 5a 7a c7 ea 99 5f 4b ...6|..1.Zz..._K
05b0 - 11 34 1c ae 82 51 ad ba-fc f8 7e 6a ed 1d 22 a9 .4...Q....~j..".
05c0 - fb 50 86 94 34 bf 6e db-63 f1 07 c4 1f 28 48 60 .P..4.n.c....(H`
05d0 - e9 bd c3 2e 4b 66 bb 6d-6f 7d 4a 43 99 fd 7b 86 ....Kf.mo}JC..{.
05e0 - 6e 4d 59 9d ac d4 3d fa-75 c6 06 e8 53 33 61 e2 nMY...=.u...S3a.
05f0 - 8e bc 5e 9f 75 eb ae ac-f4 bf ad 44 d3 3b 76 f3 ..^.u......D.;v.
0600 - 4d 62 57 44 c1 73 c8 29-8f d2 d3 c5 b8 6b fb 4c MbWD.s.).....k.L
0610 - fe 9e 09 c2 bb 22 a1 92-45 5f 33 0b 75 a1 b1 8c ....."..E_3.u...
0620 - d6 fd 55 9c fe ff 4d 51-02 2f c0 be f1 60 56 46 ..U...MQ./...`VF
0630 - 90 7b e1 e2 42 9b b8 65-49 90 eb 3e ae 97 f9 36 .{..B..eI..>...6
0640 - 8a 0a c2 ac e1 5c 0e dd-5c db 13 9f 20 14 f8 05 .....\..\... ...
0650 - 95 db 49 62 a2 36 15 ba-84 f1 97 f2 49 4a cb 81 ..Ib.6......IJ..
0660 - 73 b9 47 7e ab 62 00 04-52 30 82 04 4e 30 82 03 s.G~.b..R0..N0..
0670 - 36 a0 03 02 01 02 02 0d-01 ee 5f 22 1d fc 62 3b 6........._"..b;
0680 - d4 33 3a 85 57 30 0d 06-09 2a 86 48 86 f7 0d 01 .3:.W0...*.H....
0690 - 01 0b 05 00 30 4c 31 20-30 1e 06 03 55 04 0b 13 ....0L1 0...U...
06a0 - 17 47 6c 6f 62 61 6c 53-69 67 6e 20 52 6f 6f 74 .GlobalSign Root
06b0 - 20 43 41 20 2d 20 52 33-31 13 30 11 06 03 55 04 CA - R31.0...U.
06c0 - 0a 13 0a 47 6c 6f 62 61-6c 53 69 67 6e 31 13 30 ...GlobalSign1.0
06d0 - 11 06 03 55 04 03 13 0a-47 6c 6f 62 61 6c 53 69 ...U....GlobalSi
06e0 - 67 6e 30 1e 17 0d 31 38-31 31 32 31 30 30 30 30 gn0...1811210000
06f0 - 30 30 5a 17 0d 32 38 31-31 32 31 30 30 30 30 30 00Z..28112100000
0700 - 30 5a 30 50 31 0b 30 09-06 03 55 04 06 13 02 42 0Z0P1.0...U....B
0710 - 45 31 19 30 17 06 03 55-04 0a 13 10 47 6c 6f 62 E1.0...U....Glob
0720 - 61 6c 53 69 67 6e 20 6e-76 2d 73 61 31 26 30 24 alSign nv-sa1&0$
0730 - 06 03 55 04 03 13 1d 47-6c 6f 62 61 6c 53 69 67 ..U....GlobalSig
0740 - 6e 20 52 53 41 20 4f 56-20 53 53 4c 20 43 41 20 n RSA OV SSL CA
0750 - 32 30 31 38 30 82 01 22-30 0d 06 09 2a 86 48 86 20180.."0...*.H.
0760 - f7 0d 01 01 01 05 00 03-82 01 0f 00 30 82 01 0a ............0...
0770 - 02 82 01 01 00 a7 5a c9-d5 0c 18 21 00 23 d5 97 ......Z....!.#..
0780 - 0f eb ae dd 5c 68 6b 6b-8f 50 60 13 7a 81 cb 97 ....\hkk.P`.z...
0790 - ee 8e 8a 61 94 4b 26 79-f6 04 a7 2a fb a4 da 56 ...a.K&y...*...V
07a0 - bb ee a0 a4 f0 7b 8a 7f-55 1f 47 93 61 0d 6e 71 .....{..U.G.a.nq
07b0 - 51 3a 25 24 08 2f 8c e1-f7 89 d6 92 cf af b3 a7 Q:%$./..........
07c0 - 3f 30 ed b5 df 21 ae fe-f5 44 17 fd d8 63 d9 2f ?0...!...D...c./
07d0 - d3 81 5a 6b 5f d3 47 b0-ac f2 ab 3b 24 79 4f 1f ..Zk_.G....;$yO.
07e0 - c7 2e ea b9 15 3a 7c 18-4c 69 b3 b5 20 59 09 5e .....:|.Li.. Y.^
07f0 - 29 c3 63 e6 2e 46 5b aa-94 90 49 0e b9 f0 f5 4a ).c..F[...I....J
0800 - a1 09 2f 7c 34 4d d0 bc-00 c5 06 55 79 06 ce a2 ../|4M.....Uy...
0810 - d0 10 f1 48 43 e8 b9 5a-b5 95 55 bd 31 d2 1b 3d ...HC..Z..U.1..=
0820 - 86 be a1 ec 0d 12 db 2c-99 24 ad 47 c2 6f 03 e6 .......,.$.G.o..
0830 - 7a 70 b5 70 cc cd 27 2c-a5 8c 8e c2 18 3c 92 c9 zp.p..',.....<..
0840 - 2e 73 6f 06 10 56 93 40-aa a3 c5 52 fb e5 c5 05 [email protected]....
0850 - d6 69 68 5c 06 b9 ee 51-89 e1 8a 0e 41 4d 9b 92 .ih\...Q....AM..
0860 - 90 0a 89 e9 16 6b ef ef-75 be 7a 46 b8 e3 47 8a .....k..u.zF..G.
0870 - 1d 1c 2e a7 4f 02 03 01-00 01 a3 82 01 29 30 82 ....O........)0.
0880 - 01 25 30 0e 06 03 55 1d-0f 01 01 ff 04 04 03 02 .%0...U.........
0890 - 01 86 30 12 06 03 55 1d-13 01 01 ff 04 08 30 06 ..0...U.......0.
08a0 - 01 01 ff 02 01 00 30 1d-06 03 55 1d 0e 04 16 04 ......0...U.....
08b0 - 14 f8 ef 7f f2 cd 78 67-a8 de 6f 8f 24 8d 88 f1 ......xg..o.$...
08c0 - 87 03 02 b3 eb 30 1f 06-03 55 1d 23 04 18 30 16 .....0...U.#..0.
08d0 - 80 14 8f f0 4b 7f a8 2e-45 24 ae 4d 50 fa 63 9a ....K...E$.MP.c.
08e0 - 8b de e2 dd 1b bc 30 3e-06 08 2b 06 01 05 05 07 ......0>..+.....
08f0 - 01 01 04 32 30 30 30 2e-06 08 2b 06 01 05 05 07 ...2000...+.....
0900 - 30 01 86 22 68 74 74 70-3a 2f 2f 6f 63 73 70 32 0.."http://ocsp2
0910 - 2e 67 6c 6f 62 61 6c 73-69 67 6e 2e 63 6f 6d 2f .globalsign.com/
0920 - 72 6f 6f 74 72 33 30 36-06 03 55 1d 1f 04 2f 30 rootr306..U.../0
0930 - 2d 30 2b a0 29 a0 27 86-25 68 74 74 70 3a 2f 2f -0+.).'.%http://
0940 - 63 72 6c 2e 67 6c 6f 62-61 6c 73 69 67 6e 2e 63 crl.globalsign.c
0950 - 6f 6d 2f 72 6f 6f 74 2d-72 33 2e 63 72 6c 30 47 om/root-r3.crl0G
0960 - 06 03 55 1d 20 04 40 30-3e 30 3c 06 04 55 1d 20 ..U. .@0>0<..U.
0970 - 00 30 34 30 32 06 08 2b-06 01 05 05 07 02 01 16 .0402..+........
0980 - 26 68 74 74 70 73 3a 2f-2f 77 77 77 2e 67 6c 6f &https://www.glo
0990 - 62 61 6c 73 69 67 6e 2e-63 6f 6d 2f 72 65 70 6f balsign.com/repo
09a0 - 73 69 74 6f 72 79 2f 30-0d 06 09 2a 86 48 86 f7 sitory/0...*.H..
09b0 - 0d 01 01 0b 05 00 03 82-01 01 00 99 90 c8 2d 5f ..............-_
09c0 - 42 8a d4 0b 66 db 98 03-73 11 d4 88 86 52 28 53 B...f...s....R(S
09d0 - 8a fb ad df fd 73 8e 3a-67 04 db c3 53 14 70 14 .....s.:g...S.p.
09e0 - 09 7c c3 e0 f8 d7 1c 98-1a a2 c4 3e db e9 00 e3 .|.........>....
09f0 - ca 70 b2 f1 22 30 21 56-db d3 ad 79 5e 81 58 0b .p.."0!V...y^.X.
0a00 - 6d 14 80 35 f5 6f 5d 1d-eb 9a 47 05 ff 59 8d 00 m..5.o]...G..Y..
0a10 - b1 40 da 90 98 96 1a ba-6c 6d 7f 8c f5 b3 80 df [email protected]......
0a20 - 8c 64 73 36 96 79 79 69-74 ea bf f8 9e 01 8f a0 .ds6.yyit.......
0a30 - 95 69 8d e9 84 ba e9 e5-d4 88 38 db 78 3b 98 d0 .i........8.x;..
0a40 - 36 7b 29 b0 d2 52 18 90-de 52 43 00 ae 6a 27 c8 6{)..R...RC..j'.
0a50 - 14 9e 86 95 ac e1 80 31-30 7e 9a 25 bb 8b ac 04 .......10~.%....
0a60 - 23 a6 99 00 e8 f1 d2 26-ec 0f 7e 3b 8a 2b 92 38 #......&..~;.+.8
0a70 - 13 1d 8f 86 cd 86 52 47-e6 34 7c 5b a4 02 3e 8a ......RG.4|[..>.
0a80 - 61 7c 22 76 53 5a 94 53-33 86 b8 92 a8 72 af a1 a|"vSZ.S3....r..
0a90 - f9 52 87 1f 31 a5 fc b0-81 57 2f cd f4 ce dc f6 .R..1....W/.....
0aa0 - 24 cf a7 e2 34 90 68 9d-fe aa f1 a9 9a 12 cc 9b $...4.h.........
0ab0 - c0 c6 c3 a8 a5 b0 21 7e-de 48 f6 ......!~.H.
write to 0x562d1a91e2c0 [0x562d1a92d600] (7 bytes => 7 (0x7))
0000 - 15 03 03 00 02 02 28 ......(
C092F047F87F0000:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:ssl/statem/extensions.c:879:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 2752 bytes and written 325 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID: D2E5D03497D46766E419FE25C8760A474432083EEA16DDFD02595804D7CF98B8
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1628596015
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
read from 0x562d1a91e2c0 [0x562d1a8743d0] (8192 bytes => 342 (0x156))
0000 - 16 03 03 01 51 0c 00 01-49 03 00 17 41 04 e1 e0 ....Q...I...A...
0010 - bf 34 95 31 80 f3 4c 68-e1 56 86 e7 a1 9a 8f dd .4.1..Lh.V......
0020 - 80 dc 0a 25 a6 29 d8 80-2b 06 67 32 b6 02 44 24 ...%.)..+.g2..D$
0030 - 45 d0 8e 77 42 67 17 f0-2d 7c d4 64 35 a2 5e e6 E..wBg..-|.d5.^.
0040 - 82 83 fe 5f 08 f2 70 35-cb cf fe c6 1f 0b 06 01 ..._..p5........
0050 - 01 00 cc 2a 1a 6f 35 c3-e2 b0 5d 9f f6 10 51 79 ...*.o5...]...Qy
0060 - 4b 6c b8 18 ac bc ff 69-16 1e f3 de 99 df 95 74 Kl.....i.......t
0070 - 6d 93 94 06 19 88 6c a7-ed 39 41 e4 86 2c 6e fa m.....l..9A..,n.
0080 - 1a 3a 5e f8 81 34 3c 1c-eb 1c 78 52 ef 96 c0 3d .:^..4<...xR...=
0090 - c7 5a 9f 54 c8 f0 4b 7d-b4 00 79 38 cd 1b 41 e8 .Z.T..K}..y8..A.
00a0 - 90 10 f6 e9 d5 4c d3 e8-e3 00 ef 01 a0 53 3c aa .....L.......S<.
00b0 - 5c 29 dc 86 1e f2 08 7f-45 a8 ea c7 72 32 08 79 \)......E...r2.y
00c0 - 89 a6 31 ba d8 d1 07 52-ff 54 6b b0 1e 78 62 b5 ..1....R.Tk..xb.
00d0 - c6 17 99 d6 55 11 3a 3d-38 4c 6e 35 6e 17 e2 fd ....U.:=8Ln5n...
00e0 - fd 5c 31 0b 41 b3 a0 b7-df 5b 0c d4 99 45 15 e6 .\1.A....[...E..
00f0 - 39 d2 b5 00 7c b9 6b a9-80 a6 a2 26 81 b3 84 63 9...|.k....&...c
0100 - 39 a0 f8 ac b8 d2 8f d2-df f8 d7 8d b5 23 19 31 9............#.1
0110 - bd 15 59 95 f8 f3 f3 2c-c2 53 8a 19 71 07 d3 ff ..Y....,.S..q...
0120 - 9d 96 4e 92 97 c3 1b ff-91 fb e6 23 f4 02 8b a4 ..N........#....
0130 - 93 2d 7e b0 77 1a 93 4a-dd 4b e6 e2 23 4f 90 25 .-~.w..J.K..#O.%
0140 - 13 c7 9c 4b 17 99 de a0-02 fb 72 f6 50 ca 52 06 ...K......r.P.R.
0150 - 40 1d 0e 00 00 00 @.....
read from 0x562d1a91e2c0 [0x562d1a8743d0] (8192 bytes => -1)
I might be wrong but I guess this is an OpenSSL issue, because there is no problem with version 1.1.1k (Gentoo):
$ openssl version
OpenSSL 1.1.1k 25 Mar 2021
$ openssl s_client -connect api.dmc.nico:443 -no_renegotiation </dev/null
CONNECTED(00000003)
depth=2 OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign RSA OV SSL CA 2018
verify return:1
depth=0 C = JP, ST = Tokyo, L = Chuo-ku, O = "DWANGO Co.,Ltd.", CN = *.dmc.nico
verify return:1
---
Certificate chain
0 s:C = JP, ST = Tokyo, L = Chuo-ku, O = "DWANGO Co.,Ltd.", CN = *.dmc.nico
i:C = BE, O = GlobalSign nv-sa, CN = GlobalSign RSA OV SSL CA 2018
1 s:C = BE, O = GlobalSign nv-sa, CN = GlobalSign RSA OV SSL CA 2018
i:OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgIMDbO54NhyReFxu2PTMA0GCSqGSIb3DQEBCwUAMFAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSYwJAYDVQQDEx1H
bG9iYWxTaWduIFJTQSBPViBTU0wgQ0EgMjAxODAeFw0yMTAxMDgxMjI2MThaFw0y
MjAxMzExNDU5NTlaMF4xCzAJBgNVBAYTAkpQMQ4wDAYDVQQIEwVUb2t5bzEQMA4G
A1UEBxMHQ2h1by1rdTEYMBYGA1UEChMPRFdBTkdPIENvLixMdGQuMRMwEQYDVQQD
DAoqLmRtYy5uaWNvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qtZ
Czc6ciGtK0Wu/IVdxaVp8jSfeBRCzRX+QgYz3XjCUw0acP4NKi+57FvpbErBlgRc
Y2UwVN953i+gCMJUKTTllzheREOyyAMkhV36Va54q6g7U0lXvOz4A0FDw7M4/naB
KI9NimdHBqgc5KmmP2phIrzTYKKNHoqslJzT/UbhOvXznHT+xVluQuE8etcmJAsk
3bxOaTLGfrjSlhbCoJ386tY6utxq0Vr08x4Qp141o2o8S24yd0rac1ofredUZOZ7
f0YipwXqJhVYAgbZRElqk3qc36lAj/YobCNFw3py3bJPot9XHaRqPt4cAzNWfiQi
n1H3dkbYKNrVqjJhxQIDAQABo4IC0DCCAswwDgYDVR0PAQH/BAQDAgWgMIGOBggr
BgEFBQcBAQSBgTB/MEQGCCsGAQUFBzAChjhodHRwOi8vc2VjdXJlLmdsb2JhbHNp
Z24uY29tL2NhY2VydC9nc3JzYW92c3NsY2EyMDE4LmNydDA3BggrBgEFBQcwAYYr
aHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vZ3Nyc2FvdnNzbGNhMjAxODBWBgNV
HSAETzBNMEEGCSsGAQQBoDIBFDA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5n
bG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgIwCQYDVR0TBAIwADA/
BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzcnNh
b3Zzc2xjYTIwMTguY3JsMB8GA1UdEQQYMBaCCiouZG1jLm5pY2+CCGRtYy5uaWNv
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBT473/y
zXhnqN5vjySNiPGHAwKz6zAdBgNVHQ4EFgQU5fMuVlDYbISBNoYW8/rQC61N7qYw
ggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQApeb7wnjk5IfBWc59jpXflvld9nGAK
+PlNXSZcJV3HhAAAAXbh9knOAAAEAwBGMEQCIB09NlQIQcmkZH8PMIArk+hpzwt8
fZJOvdl2SwrI32rOAiBT5rMrDK2wxZW3sxTilSRuqpDDaKA3MDtfTBLkxV6GqgB2
AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABduH2RtYAAAQDAEcw
RQIgWhCIgmEg1zMe13SSEpMZjlRW/tGGGuXngy7FXRQIujYCIQCImR7guvFs8wcC
ZAZ/OAGRbPDyGXynvjPxA9AeVzaSdzANBgkqhkiG9w0BAQsFAAOCAQEAbw+nRdAT
u+PJFNj2TMATaWkNEW2HtexCjWJftA1yyWITCYXdV9rflaggLUaDVJ2DXP7l8GAF
EgGdF6eIFTZ8CLEx8Vp6x+qZX0sRNByuglGtuvz4fmrtHSKp+1CGlDS/bttj8QfE
HyhIYOm9wy5LZrttb31KQ5n9e4ZuTVmdrNQ9+nXGBuhTM2Hijrxen3Xrrqz0v61E
0zt2801iV0TBc8gpj9LTxbhr+0z+ngnCuyKhkkVfMwt1obGM1v1VnP7/TVECL8C+
8WBWRpB74eJCm7hlSZDrPq6X+TaKCsKs4VwO3VzbE58gFPgFldtJYqI2FbqE8Zfy
SUrLgXO5R36rYg==
-----END CERTIFICATE-----
subject=C = JP, ST = Tokyo, L = Chuo-ku, O = "DWANGO Co.,Ltd.", CN = *.dmc.nico
issuer=C = BE, O = GlobalSign nv-sa, CN = GlobalSign RSA OV SSL CA 2018
---
No client certificate CA names sent
Peer signing digest: SHA512
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3145 bytes and written 440 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 82C884A72FF4C2F4346AEB73AB836FABC402DEBC7072C9F2D5B4D63C887F99B8
Session-ID-ctx:
Master-Key: D6FE9259BF613C4D406C0D47DE42D93E681E2F5CD41C138A81F0EFFA3A371253E6CF98DE961C5B1AF3F5B9ABE7B26E9F
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1628596464
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
DONE
The -legacy_renegotiation option may be used to work this around, but I suspect it is not at all recommended.
Version 3.0.0-beta2 (my own build) cannot connect to some server, says "unsafe legacy renegotiation disabled":
I might be wrong but I guess this is an OpenSSL issue, because there is no problem with version 1.1.1k (Gentoo):
The
-legacy_renegotiationoption may be used to work this around, but I suspect it is not at all recommended.