This repository has been archived by the owner on Nov 6, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Ruleset checker handshake error #1038
Comments
It looks like curl disables the RC4 cipher, which differs from Firefox and the OpenSSL default: http://curl.haxx.se/mail/tracker-2014-03/0014.html. We can change that on the command line, so I'm pretty sure we can change it in PyCurl. |
Ah cool! Yeah, that works: Useful since it looks like this is served via Akamai, so likely to impact more sites:
|
jsha
added a commit
that referenced
this issue
Feb 11, 2015
Per #1038, sites that only support RC4 were incorrectly disabled by curl, used by https-everywhere-checker, disables RC4 by default. I re-enabled RC4 and re-ran the checker for all rules with SSL23_GET_SERVER_HELLO in the disable message. Some rules are still disabled for unrelated handshake reasons. Other rules are now disabled for different reasons. And a lot of rules are now re-enabled.
Fixed. |
1 similar comment
Fixed. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Copying @semenko's comment from #1036:
This can also be reproduced with curl, which makes sense since the checker uses PyCurl. Not sure what is going on here. We should track down the cause of the handshake error, and whether it can be fixed with configuration parameters.
The text was updated successfully, but these errors were encountered: