[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-bugs-dist
Subject: Bug#30043: more on interaction between SSLv2/v3 in new-style https support
From: James Young <marm () marm ! org ! uk>
Date: 2001-07-31 22:06:32
[Download RAW message or body]
Further testing has revealed more specific stuff, and that what I
reported previously was not quite right:
each instance of kio_http that is started by Konqueror seems to need
'initializing' with SSLv2 - that is, if I select only SSLv2, visit an
SSL site that accepts SSLv2 connections, then select only SSLv3, and
Konqui reuses this 'initialized' instance of kio_http, then the SSLv3
connection works correctly.
If Konqui instantiates a new kio_http that has not been 'initialized'
with SSLv2, then any attempt to make an SSLv3 or TLS connection fails,
kio_http dies.
It appears that this happens after the certificate exchange, because
the server's certificate appears in 'Peer SSL certificates' in
kcmcrypto after kio_http has died.
I was wondering if this was something timing-related, perhaps a pointer
doesn't get initialized in time due to a race condition, a race which
gets masked by a faster processor, as I am using what is a very slow
machine these days (PII-233), and other users of the same Debian
packages don't seem to be able to reproduce the problem, but at a guess
are using faster machines.
However, I'm no C++ guru, so this is just a wild guess.
--
marm
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic