Version: REBOL/View 2.7.8.3.1 1-Jan-2011
I have run a REBOL script weekly that fetches data for years. The last verified working of the script 21-Oct-2016.
As of today, 28-Oct-2016 the script fails with this error:
** Command Error: SSL Error: error:14077410:SSL routines:SSL23_GET_SERVER_HEL LO:sslv3 alert handshake failure
Someone suggests that during the SSL/TLS handshake, REBOL only offers ciphers that current servers no longer support. Subsequently, the server my script tried to contact is not willing to work with older ciphers of REBOL and thus the handshake fails.
Is this right? If this is so, REBOL 2.7.8 will become useless before long unless patched.
Incidentally, this fails with Saphirion's R3. In that case, it simply crashes and stops working without spewing an error message.
I don't know much about rebol but according to the documentation it is available for a variety of systems, including various UNIX like systems. This suggests that the underlying library used for SSL/TLS is the most commonly used library which covers all supported systems, i.e. OpenSSL.
Given the data of the release if the rebol version this should be either an early version 1.0.0 of OpenSSL or more likely version 0.9.8. None of these OpenSSL releases support TLS 1.2 or ECDHE ciphers which are commonly supported by modern servers and sometimes not only supported but required. In the last case the SSL handshake simply will fail. Other reasons why the handshake might fail is that the site requires Server Name Indication (SNI). While SNI could be supported with OpenSSL 0.9.8 already it wasn't that much used in 2011 and thus only few software supported it at this time. But today SNI is often essential, for example if you try to access sites protected by Cloudflare Free SSL.