Re: broken ssl support in kdelibs3-crypto (2.2.0-0beta1-7)

[James Young <marm@marm.org.uk>]

On Tuesday 31 July 2001 06:10, Ivan E. Moore II wrote:

> are you using a proxy?  I know there are still some bits that have
> been fixed since the version your running...

No, I'm not using a proxy.  After much scratching of head and playing, 
I discovered what was going on - if all three of TLS, SSLv2 and SSLv3 
are enabled (as is the default) then the https support is broken on my 
machine.  If, however, I deselect one of these (any one), then 
magically, it starts working.  SSLv2 & SSLv3 together - works fine.  
TLS & SSLv2 together - works fine.  TLS & SSLv3 together - works fine.  
Any of them on their own - works fine (although lots of sites now 
reject SSLv2 for security reasons, and not many support TLS yet).  All 
three selected - no go, kio_http dies.

So, for the moment at least, I've just turned off TLS support and 
everything works ok.

It's a weird bug, especially as no-one else has confirmed it yet.  This 
is an old machine (PII-233) and I'm wondering if it's something 
timing-dependent that gets masked by a faster processor.  I had a quick 
look at the source, but kssl is a large module and depends on OpenSSL 
which is very large indeed, so I found myself a bit out of my depth.

Anyway, reported it to the KDE bug tracking system, will see if it gets 
fixed.

Thanks for being patient,
-- 
marm