Re: SSL protocol disabled in 1.1.18 Linux - intermittently
On 9/15/2009 11:57 AM PT, Robert Kaiser typed: I don't use Ubuntu. I use raw Debian. And I heard report of this problem from other distros as well, e.g. openSUSE 11.0. So basically, all UNIX and Linux? Nothing in Mac OS X and Windows? Right. As we're using the same NSS in 1.1.18 as in 2.0b2, and apparently 2.0b2 doesn't have that problem on the same machines, it looks very much like the problem isn't even NSS itself, but how we actually load it. If I just would understand any of that code... Same here. I am just a QA tester. :D According to the bug, it might be worth to set a https:// page as your start page and see if that makes the problem go away. If that works, we at least start to have a clue what's up. Sure, but I had only seen this problem once so... :/ -- Don't step on ants... they're people too. --a quote from ANTZ movie. /\___/\ / /\ /\ \ Phil/Ant @ http://antfarm.ma.cx (Personal Web Site) | |o o| |Ant's Quality Foraged Links (AQFL): http://aqfl.net \ _ / Nuke ANT from e-mail address: phi...@earthlink.netant ( ) or ant...@zimage.com Ant is currently not listening to any songs on his home computer. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: SSL protocol disabled in 1.1.18 Linux - intermittently
On 9/14/2009 2:33 AM PT, Ant typed: I FINALLY saw the problem on EarthLink's Webmail in my Debian/Linux box. How annoying. Is there a fix or do we have to downgrade back to v1.1.17? :( Has even a bug been filed on the Linux version of the issue? I notice that you said it was an old Debian box, so maybe NSS is trying to use a newer API that's not supported on whichever old version of Debian that you're using, similar to the Windows issue where they're using an API that was introduced with IE4. I don't know for your questions. How would I check for NSS version? Also, I cannot figure how to reproduce this error. It happened once. I fixed the problem by exiting SM and relaunching it. Also, this should had been posted in mozilla.support.seamonkey newsgroup as well. :) -- Ants never lend, ants never borrow. --unknown /\___/\ / /\ /\ \ Phil/Ant @ http://antfarm.ma.cx (Personal Web Site) | |o o| |Ant's Quality Foraged Links (AQFL): http://aqfl.net \ _ / Nuke ANT from e-mail address: phi...@earthlink.netant ( ) or ant...@zimage.com Ant is currently not listening to any songs on his home computer. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: SSL protocol disabled in 1.1.18 Linux - intermittently
Ant wrote: On 9/14/2009 2:33 AM PT, Ant typed: Also, I cannot figure how to reproduce this error. It happened once. I fixed the problem by exiting SM and relaunching it. Also, this should had been posted in mozilla.support.seamonkey newsgroup as well. :) The bug is filed, and not being able to consistently reproduce it is what makes it quite hard to find out what's the problem and possibly fix it. See https://bugzilla.mozilla.org/show_bug.cgi?id=514838 Robert Kaiser ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: SSL protocol disabled in 1.1.18 Linux - intermittently
On 9/14/2009 8:04 AM PT, Robert Kaiser typed: How would I check for NSS version? Why would you want to check it? We know the NSS version, SeaMonkey 1.1.18 comes with NSS 3.12.3.1, that's the whole purpose of doing a 1.1.18 at all, as the NSS 3.11.x used by SM 1.1.17 and lower allows SSL connections to be intercepted by third parties (so.called MITM attacks). Also, I cannot figure how to reproduce this error. It happened once. I fixed the problem by exiting SM and relaunching it. Yes, that bug is filed, and not being able to consistently reproduce it is what makes it quite hard to find out what's the problem and possibly fix it. See https://bugzilla.mozilla.org/show_bug.cgi?id=514838 Thanks Robert. We need to figure out how to reproduce it. There might be clues from last night's incident. Before I went to https://webmail.earthlink.net/, I was trying to vote on http://ve3d.com/, but it gave me an error about not being able to write (cache related?). I didn't write the error down because I thought it was unrelated to SSL. I went to Webmail and it gave me that SSL error. I tried to repeat that, but failed. :( -- This isn't a war. It never was a war, any more than there's war between man and ants. --artilleryman from H.G. Wells' The War of the Worlds /\___/\ / /\ /\ \ Phil/Ant @ http://antfarm.ma.cx (Personal Web Site) | |o o| |Ant's Quality Foraged Links (AQFL): http://aqfl.net \ _ / Nuke ANT from e-mail address: phi...@earthlink.netant ( ) or ant...@zimage.com Ant is currently not listening to any songs on his home computer. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: SSL protocol disabled in 1.1.18 Linux - intermittently
On 9/14/2009 9:37 AM PT, NoOp typed: How would I check for NSS version? Why would you want to check it? We know the NSS version, SeaMonkey 1.1.18 comes with NSS 3.12.3.1, that's the whole purpose of doing a 1.1.18 at all, as the NSS 3.11.x used by SM 1.1.17 and lower allows SSL connections to be intercepted by third parties (so.called MITM attacks). It does. But if you are using a debian packaged version, you'll want to check the version on your system to ensure that it is updated as well. http://www.ubuntu.com/usn/usn-810-1 http://www.ubuntu.com/usn/USN-810-2 http://www.ubuntu.com/usn/USN-810-3 Other distros should have similar security updates. Ant, to check your version use 'apt-cache policy packagename'. Sample output from an Ubuntu 9.04 system: $ apt-cache policy libnss3-1d libnss3-1d: Installed: 3.12.3.1-0ubuntu0.9.04.2 Candidate: 3.12.3.1-0ubuntu0.9.04.2 Version table: *** 3.12.3.1-0ubuntu0.9.04.2 0 500 http://archive.ubuntu.com jaunty-updates/main Packages 500 http://archive.ubuntu.com jaunty-security/main Packages 100 /var/lib/dpkg/status 3.12.2~rc1-0ubuntu2 0 500 http://archive.ubuntu.com jaunty/main Packages $ apt-cache policy libnspr4-0d libnspr4-0d: Installed: 4.7.5-0ubuntu0.9.04.1 Candidate: 4.7.5-0ubuntu0.9.04.1 Version table: *** 4.7.5-0ubuntu0.9.04.1 0 500 http://archive.ubuntu.com jaunty-updates/main Packages 500 http://archive.ubuntu.com jaunty-security/main Packages 100 /var/lib/dpkg/status 4.7.3-0ubuntu2 0 500 http://archive.ubuntu.com jaunty/main Packages Ref: https://bugzilla.mozilla.org/show_bug.cgi?id=486537 I don't use Ubuntu. I use raw Debian. As for SeaMonkey package, I used the seamonkey-1.1.18.en-US.linux-i686.tar.gz package from Mozilla's server since Debian dropped IceApe (aka SeaMonkey) a few months ago. :( I extracted it into /home/Programs/SeaMonkey. For those above packages if they help at all, I saw: $ apt-cache policy libnss3-1d libnss3-1d: Installed: 3.12.3.1-1 Candidate: 3.12.3.1-1 Version table: *** 3.12.3.1-1 0 990 http://ftp.debian.org testing/main Packages 100 /var/lib/dpkg/status 3.12.3.1-0lenny1 0 500 http://ftp.debian.org stable/main Packages 500 http://security.debian.org stable/updates/main Packages $ apt-cache policy libnspr4-0d libnspr4-0d: Installed: 4.8-1 Candidate: 4.8-1 Version table: *** 4.8-1 0 990 http://ftp.debian.org testing/main Packages 100 /var/lib/dpkg/status 4.7.1-4 0 500 http://ftp.debian.org stable/main Packages -- This is what metaphor is. It is not saying that an ant is an elephant. Perhaps; both are alive. No. Metaphor is saying the ant is an elephant. Now, logically speaking, I know there is a difference. If you put elephants and ants before me, I believe that every time I will correctly identify the elephant and the ant. So metaphor must come from a very different place than that of the logical, intelligent mind. It comes from a place that is very courageous, willing to step out of our preconceived ways of seeing things and open so large that it can see the oneness in an ant and in an elephant. --Natalie Goldberg /\___/\ / /\ /\ \ Phil/Ant @ http://antfarm.ma.cx (Personal Web Site) | |o o| |Ant's Quality Foraged Links (AQFL): http://aqfl.net \ _ / Nuke ANT from e-mail address: phi...@earthlink.netant ( ) or ant...@zimage.com Ant is currently not listening to any songs on his home computer. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey