bug reported at 'PM 27.9.4 for Snow Leopard'

Talk about code development, features, specific bugs, enhancements, patches, and similar things.
Forum rules
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.

This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.

Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
retroburrower

bug reported at 'PM 27.9.4 for Snow Leopard'

Unread post by retroburrower » 2018-10-12, 20:47

...as reported by me on said thread:
viewtopic.php?f=41&t=19694&sid=5eb03f68 ... 2d#p154104
New Moon reports successive attempts of a TLS handshake, but then winds up in an endless loop. While it never gets to the Welcome Page, it does log me in, which PM 27.3.0 fails to do.

While this is being corrected, please add a 3rd option to Certificate Validation under Advanced Preferences:
"When an OCSP server fails, treat the certificate as valid."
Such workarounds are necessary due to servers victimising our use of a "misfit" broswer as if it poses a security threat to the victimisers.
Last edited by retroburrower on 2018-10-12, 20:54, edited 1 time in total.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35473
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: bug reported at 'PM 27.9.4 for Snow Leopard'

Unread post by Moonchild » 2018-10-14, 07:26

First, kindly keep threads in the correct board and don't create duplictes in other boards.

Not sure what you hope to achieve posting about an unofficial old Mac version in he Linux board.

When an OCSP server fails, blatantly treating a certificate as valid is not good practice and I won't build that into the browser, sorry. If an OCSP server fails, the browser has to still verify the certificate and its revocation status through other means if possible. OCSP not responding in time is unfortunately relatively common and in that case you would just bypass any further checking... That is very dangerous!
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

retroburrower

Re: bug reported at 'PM 27.9.4 for Snow Leopard'

Unread post by retroburrower » 2018-10-17, 01:46

First, this isn't a duplicate, as only the original was focused on the outdated 27.0.3, where there was total failure, while here it's about 27.9.4 having a bug what appears to be a TLS bug that wasn't mentioned in the original.

2nd, the parent page says "Linux & other." Being based on Unix, so facing similar networking issues, MacOS should qualify as "other."

Last & not least, I didn't realise that timeouts typically were at fault here, rather than a general bias against non-Windows browsers.

yami_

Re: bug reported at 'PM 27.9.4 for Snow Leopard'

Unread post by yami_ » 2018-10-17, 09:22

The correct board is viewforum.php?f=41. This board is for bug reports.
Off-topic:
Also:

Code: Select all

$ ./drill -D wifiauth.hdpl.org @192.168.6.1
;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 44333
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; wifiauth.hdpl.org.   IN      A

;; ANSWER SECTION:

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 4 msec
;; EDNS: version 0; flags: do ; udp: 4096
;; SERVER: 192.168.6.1
;; WHEN: Wed Oct 17 11:18:28 2018
;; MSG SIZE  rcvd: 46

Locked