Page 1 of 1

bug reported at 'PM 27.9.4 for Snow Leopard'

Posted: 2018-10-12, 20:47
by retroburrower reported by me on said thread:
viewtopic.php?f=41&t=19694&sid=5eb03f68 ... 2d#p154104
New Moon reports successive attempts of a TLS handshake, but then winds up in an endless loop. While it never gets to the Welcome Page, it does log me in, which PM 27.3.0 fails to do.

While this is being corrected, please add a 3rd option to Certificate Validation under Advanced Preferences:
"When an OCSP server fails, treat the certificate as valid."
Such workarounds are necessary due to servers victimising our use of a "misfit" broswer as if it poses a security threat to the victimisers.

Re: bug reported at 'PM 27.9.4 for Snow Leopard'

Posted: 2018-10-14, 07:26
by Moonchild
First, kindly keep threads in the correct board and don't create duplictes in other boards.

Not sure what you hope to achieve posting about an unofficial old Mac version in he Linux board.

When an OCSP server fails, blatantly treating a certificate as valid is not good practice and I won't build that into the browser, sorry. If an OCSP server fails, the browser has to still verify the certificate and its revocation status through other means if possible. OCSP not responding in time is unfortunately relatively common and in that case you would just bypass any further checking... That is very dangerous!

Re: bug reported at 'PM 27.9.4 for Snow Leopard'

Posted: 2018-10-17, 01:46
by retroburrower
First, this isn't a duplicate, as only the original was focused on the outdated 27.0.3, where there was total failure, while here it's about 27.9.4 having a bug what appears to be a TLS bug that wasn't mentioned in the original.

2nd, the parent page says "Linux & other." Being based on Unix, so facing similar networking issues, MacOS should qualify as "other."

Last & not least, I didn't realise that timeouts typically were at fault here, rather than a general bias against non-Windows browsers.

Re: bug reported at 'PM 27.9.4 for Snow Leopard'

Posted: 2018-10-17, 09:22
by yami_
The correct board is viewforum.php?f=41. This board is for bug reports.

Code: Select all

$ ./drill -D @
;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 44333
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;;   IN      A




;; Query time: 4 msec
;; EDNS: version 0; flags: do ; udp: 4096
;; WHEN: Wed Oct 17 11:18:28 2018
;; MSG SIZE  rcvd: 46