bug reported at 'PM 27.9.4 for Snow Leopard'

The place to report Pale Moon specific bugs on Linux and other operating systems.

Moderator: satrow

retroburrower
Hobby Astronomer
Hobby Astronomer
Posts: 15
Joined: 2017-09-11, 01:48

bug reported at 'PM 27.9.4 for Snow Leopard'

Unread post by retroburrower » 2018-10-12, 20:47

...as reported by me on said thread:
https://forum.palemoon.org/viewtopic.ph ... 2d#p154104
New Moon reports successive attempts of a TLS handshake, but then winds up in an endless loop. While it never gets to the Welcome Page, it does log me in, which PM 27.3.0 fails to do.

While this is being corrected, please add a 3rd option to Certificate Validation under Advanced Preferences:
"When an OCSP server fails, treat the certificate as valid."
Such workarounds are necessary due to servers victimising our use of a "misfit" broswer as if it poses a security threat to the victimisers.
Last edited by retroburrower on 2018-10-12, 20:54, edited 1 time in total.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 24469
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: bug reported at 'PM 27.9.4 for Snow Leopard'

Unread post by Moonchild » 2018-10-14, 07:26

First, kindly keep threads in the correct board and don't create duplictes in other boards.

Not sure what you hope to achieve posting about an unofficial old Mac version in he Linux board.

When an OCSP server fails, blatantly treating a certificate as valid is not good practice and I won't build that into the browser, sorry. If an OCSP server fails, the browser has to still verify the certificate and its revocation status through other means if possible. OCSP not responding in time is unfortunately relatively common and in that case you would just bypass any further checking... That is very dangerous!
"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne
Image

retroburrower
Hobby Astronomer
Hobby Astronomer
Posts: 15
Joined: 2017-09-11, 01:48

Re: bug reported at 'PM 27.9.4 for Snow Leopard'

Unread post by retroburrower » 2018-10-17, 01:46

First, this isn't a duplicate, as only the original was focused on the outdated 27.0.3, where there was total failure, while here it's about 27.9.4 having a bug what appears to be a TLS bug that wasn't mentioned in the original.

2nd, the parent page says "Linux & other." Being based on Unix, so facing similar networking issues, MacOS should qualify as "other."

Last & not least, I didn't realise that timeouts typically were at fault here, rather than a general bias against non-Windows browsers.

yami_
Astronaut
Astronaut
Posts: 505
Joined: 2018-04-26, 11:05

Re: bug reported at 'PM 27.9.4 for Snow Leopard'

Unread post by yami_ » 2018-10-17, 09:22

The correct board is https://forum.palemoon.org/viewforum.php?f=41. This board is for bug reports.
Off-topic:
Also:

Code: Select all

$ ./drill -D wifiauth.hdpl.org @192.168.6.1
;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 44333
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; wifiauth.hdpl.org.   IN      A

;; ANSWER SECTION:

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 4 msec
;; EDNS: version 0; flags: do ; udp: 4096
;; SERVER: 192.168.6.1
;; WHEN: Wed Oct 17 11:18:28 2018
;; MSG SIZE  rcvd: 46
cat came back from Berkeley waving flags -- rob pike

Locked