- Phil Pellouchoud found a case where libcurl built with NSS failed to

handshake with a SSLv2 server, and it turned out to be because it didn't
  recognize the cipher named "rc4-md5". In our list that cipher was named
  plainly "rc4". I've now added rc4-md5 to work as an alias as Phil reported
  that it made things work for him again.
This commit is contained in:
Daniel Stenberg 2008-06-20 11:15:54 +00:00
parent 2e1a9da5e2
commit da97f78ae0
3 changed files with 10 additions and 1 deletions

View File

@ -7,6 +7,12 @@
Changelog Changelog
Daniel Stenberg (20 Jun 2008) Daniel Stenberg (20 Jun 2008)
- Phil Pellouchoud found a case where libcurl built with NSS failed to
handshake with a SSLv2 server, and it turned out to be because it didn't
recognize the cipher named "rc4-md5". In our list that cipher was named
plainly "rc4". I've now added rc4-md5 to work as an alias as Phil reported
that it made things work for him again.
- Hans-Jurgen May pointed out that trying SCP or SFTP over a SOCKS proxy - Hans-Jurgen May pointed out that trying SCP or SFTP over a SOCKS proxy
crashed libcurl. This is now addressed by making sure we use "plain send" crashed libcurl. This is now addressed by making sure we use "plain send"
internally when doing the socks handshake instead of the Curl_write() internally when doing the socks handshake instead of the Curl_write()

View File

@ -23,6 +23,7 @@ This release includes the following bugfixes:
o connection re-use when using the multi interface with pipelining enabled o connection re-use when using the multi interface with pipelining enabled
o curl_multi_socket() socket callback fix for close/re-create sockets case o curl_multi_socket() socket callback fix for close/re-create sockets case
o SCP or SFTP over socks proxy crashed o SCP or SFTP over socks proxy crashed
o RC4-MD5 cipher now works with NSS-built libcurl
This release includes the following known bugs: This release includes the following known bugs:
@ -40,6 +41,7 @@ This release would not have looked like this without help, code, reports and
advice from friends like these: advice from friends like these:
Lenny Rachitsky, Axel Tillequin, Arnaud Ebalard, Yang Tse, Dan Fandrich, Lenny Rachitsky, Axel Tillequin, Arnaud Ebalard, Yang Tse, Dan Fandrich,
Rob Crittenden, Dengminwen, Christopher Palow, Hans-Jürgen May Rob Crittenden, Dengminwen, Christopher Palow, Hans-Jurgen May,
Phil Pellouchoud
Thanks! (and sorry if I forgot to mention someone) Thanks! (and sorry if I forgot to mention someone)

View File

@ -104,6 +104,7 @@ enum sslversion { SSL2 = 1, SSL3 = 2, TLS = 4 };
static const cipher_s cipherlist[] = { static const cipher_s cipherlist[] = {
/* SSL2 cipher suites */ /* SSL2 cipher suites */
{"rc4", SSL_EN_RC4_128_WITH_MD5, SSL2}, {"rc4", SSL_EN_RC4_128_WITH_MD5, SSL2},
{"rc4-md5", SSL_EN_RC4_128_WITH_MD5, SSL2},
{"rc4export", SSL_EN_RC4_128_EXPORT40_WITH_MD5, SSL2}, {"rc4export", SSL_EN_RC4_128_EXPORT40_WITH_MD5, SSL2},
{"rc2", SSL_EN_RC2_128_CBC_WITH_MD5, SSL2}, {"rc2", SSL_EN_RC2_128_CBC_WITH_MD5, SSL2},
{"rc2export", SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, SSL2}, {"rc2export", SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, SSL2},