cURL
Haxx ad
libcurl

curl's project page on SourceForge.net

Sponsors:
Haxx

cURL > Mailing List > Monthly Index > Single Mail

curl-library Mailing List Archives

Re: firefox ssl v2

From: Kamil Dudka <kdudka_at_redhat.com>
Date: Thu, 8 Oct 2009 11:26:58 +0200

On Thu October 8 2009 01:50:30 Peter Sylvester wrote:
> firefox doesn't use ssl v2 anymore. I remember 5 years ago,
> there was even a bug in mozilla. Even when turning off v2
> the compatible client hello was send. The tests of which
> ssl versions are enabledwere were badly combined to
> find out which hello should be sent.
>
> I don't know whether this ever got fixed.

I've traced the working Firefox on the same URL (full trace attached).

The scenario was following:

1) it tried to connect with:
  enableSSL2 = 0,
  enableSSL3 = 1,
  enableTLS = 1,
  v2CompatibleHello = 0,

2) then it tried to connect with:
  enableSSL2 = 0,
  enableSSL3 = 1,
  enableTLS = 0,
  v2CompatibleHello = 1,

It looks like sort of workaround for some buggy servers to me, not yet looked
at the source code. Maybe we want to dig it out of Firefox and put it to
libcurl. Any ideas?

Kamil

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

Received on 2009-10-08

These mail archives are generated by hypermail.

donate! Page updated November 12, 2010.
web site info

File upload with ASP.NET