[dev] [surf] Peer failed to perform TLS handshake

From: Markus Teich <markus.teich_AT_stusta.mhn.de>
Date: Sun, 11 Jan 2015 19:04:46 +0100


I get this error message when navigating to [0] and a few other sites. I tested
with my custom patched surf as well as with upstream master (unmodified
config.def.h). I use net-libs/webkit-gtk-2.4.7-r200 from the default gentoo
repository. Wireshark tells me, surf is trying to establish a SSLv3 connection
which of course is very outdated and should not be used. In surf.c I could only
find the following lines, but no internals how to select allowed algorithms and
protocol versions:

> tlsdb = g_tls_file_database_new(cafile, &error);
> if(error) {
> g_warning("Error loading SSL database %s: %s", cafile, error->message);
> g_error_free(error);
> }
> g_object_set(G_OBJECT(s), "tls-database", tlsdb, NULL);
> g_object_set(G_OBJECT(s), "ssl-strict", strictssl, NULL);

Does someone have a hint how to fix this?


0: http://www.bahn.de/p/view/bahncard/ueberblick/bahncardservice.shtml?dbkanal_007=L01_S01_D001_KIN0004_top-navi-flyout_bc-bcservices_LZ01
Received on Sun Jan 11 2015 - 19:04:46 CET

This archive was generated by hypermail 2.3.0 : Sun Jan 11 2015 - 19:12:07 CET