diff --git a/CHANGES b/CHANGES index edec49675..7c3c99311 100644 --- a/CHANGES +++ b/CHANGES @@ -7,6 +7,12 @@ Changelog Daniel Stenberg (20 Jun 2008) +- Phil Pellouchoud found a case where libcurl built with NSS failed to + handshake with a SSLv2 server, and it turned out to be because it didn't + recognize the cipher named "rc4-md5". In our list that cipher was named + plainly "rc4". I've now added rc4-md5 to work as an alias as Phil reported + that it made things work for him again. + - Hans-Jurgen May pointed out that trying SCP or SFTP over a SOCKS proxy crashed libcurl. This is now addressed by making sure we use "plain send" internally when doing the socks handshake instead of the Curl_write() diff --git a/RELEASE-NOTES b/RELEASE-NOTES index e48fdb53e..91f093441 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -23,6 +23,7 @@ This release includes the following bugfixes: o connection re-use when using the multi interface with pipelining enabled o curl_multi_socket() socket callback fix for close/re-create sockets case o SCP or SFTP over socks proxy crashed + o RC4-MD5 cipher now works with NSS-built libcurl This release includes the following known bugs: @@ -40,6 +41,7 @@ This release would not have looked like this without help, code, reports and advice from friends like these: Lenny Rachitsky, Axel Tillequin, Arnaud Ebalard, Yang Tse, Dan Fandrich, - Rob Crittenden, Dengminwen, Christopher Palow, Hans-Jürgen May + Rob Crittenden, Dengminwen, Christopher Palow, Hans-Jurgen May, + Phil Pellouchoud Thanks! (and sorry if I forgot to mention someone) diff --git a/lib/nss.c b/lib/nss.c index 093f127cf..07bb2edd0 100644 --- a/lib/nss.c +++ b/lib/nss.c @@ -104,6 +104,7 @@ enum sslversion { SSL2 = 1, SSL3 = 2, TLS = 4 }; static const cipher_s cipherlist[] = { /* SSL2 cipher suites */ {"rc4", SSL_EN_RC4_128_WITH_MD5, SSL2}, + {"rc4-md5", SSL_EN_RC4_128_WITH_MD5, SSL2}, {"rc4export", SSL_EN_RC4_128_EXPORT40_WITH_MD5, SSL2}, {"rc2", SSL_EN_RC2_128_CBC_WITH_MD5, SSL2}, {"rc2export", SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, SSL2},