aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2008-06-20 11:15:54 +0000
committerDaniel Stenberg <daniel@haxx.se>2008-06-20 11:15:54 +0000
commitda97f78ae0e3ab2cbcf76503c4a159da761d0f57 (patch)
tree9a10edff08e1abc399f9ba2990ca35c0cf70f904
parent2e1a9da5e2ab29b4e7024395a09ab254f6b8d913 (diff)
- Phil Pellouchoud found a case where libcurl built with NSS failed to
handshake with a SSLv2 server, and it turned out to be because it didn't recognize the cipher named "rc4-md5". In our list that cipher was named plainly "rc4". I've now added rc4-md5 to work as an alias as Phil reported that it made things work for him again.
-rw-r--r--CHANGES6
-rw-r--r--RELEASE-NOTES4
-rw-r--r--lib/nss.c1
3 files changed, 10 insertions, 1 deletions
diff --git a/CHANGES b/CHANGES
index edec49675..7c3c99311 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,6 +7,12 @@
Changelog
Daniel Stenberg (20 Jun 2008)
+- Phil Pellouchoud found a case where libcurl built with NSS failed to
+ handshake with a SSLv2 server, and it turned out to be because it didn't
+ recognize the cipher named "rc4-md5". In our list that cipher was named
+ plainly "rc4". I've now added rc4-md5 to work as an alias as Phil reported
+ that it made things work for him again.
+
- Hans-Jurgen May pointed out that trying SCP or SFTP over a SOCKS proxy
crashed libcurl. This is now addressed by making sure we use "plain send"
internally when doing the socks handshake instead of the Curl_write()
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index e48fdb53e..91f093441 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -23,6 +23,7 @@ This release includes the following bugfixes:
o connection re-use when using the multi interface with pipelining enabled
o curl_multi_socket() socket callback fix for close/re-create sockets case
o SCP or SFTP over socks proxy crashed
+ o RC4-MD5 cipher now works with NSS-built libcurl
This release includes the following known bugs:
@@ -40,6 +41,7 @@ This release would not have looked like this without help, code, reports and
advice from friends like these:
Lenny Rachitsky, Axel Tillequin, Arnaud Ebalard, Yang Tse, Dan Fandrich,
- Rob Crittenden, Dengminwen, Christopher Palow, Hans-Jürgen May
+ Rob Crittenden, Dengminwen, Christopher Palow, Hans-Jurgen May,
+ Phil Pellouchoud
Thanks! (and sorry if I forgot to mention someone)
diff --git a/lib/nss.c b/lib/nss.c
index 093f127cf..07bb2edd0 100644
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -104,6 +104,7 @@ enum sslversion { SSL2 = 1, SSL3 = 2, TLS = 4 };
static const cipher_s cipherlist[] = {
/* SSL2 cipher suites */
{"rc4", SSL_EN_RC4_128_WITH_MD5, SSL2},
+ {"rc4-md5", SSL_EN_RC4_128_WITH_MD5, SSL2},
{"rc4export", SSL_EN_RC4_128_EXPORT40_WITH_MD5, SSL2},
{"rc2", SSL_EN_RC2_128_CBC_WITH_MD5, SSL2},
{"rc2export", SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, SSL2},