On Wed October 21 2009 14:43:13 Kaspar Brand wrote: > Would you be able/willing to compile curl against a patched version of > NSS? The attached diff is a first try to add an > SSL_DISABLE_TLS_EXTENSIONS option to NSS... in lib/nss.c, you could then > simply turn them off with > > if (data->state.tls_broken_server > && SSL_OptionSet(model, SSL_DISABLE_TLS_EXTENSIONS, PR_TRUE)) > goto error; > > (you wouldn't have to turn "tlsv1" off, and the SSL_V2_COMPATIBLE_HELLO > line can also be left as is)
Thanks for contributing it! I've just tested your patch for NSS and it looks like it solves the problem. However I'll need to spend some additional time playing with it before I raise the issue at upstream bugzilla or whatever. Thanks in advance for being patient! Kamil ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
