From: Jason Vas Dias <jason.vas.dias@gmail.com>
To: "Herbert J. Skuhra" <herbert@gojira.at>
Cc: emacs-devel@gnu.org
Subject: Re: eww + w3m / GnuTLS TLSv1 support ?
Date: Sun, 13 Feb 2022 16:48:00 +0000 [thread overview]
Message-ID: <CALyZvKwhAOazz0OzuCDFOzvJWaKwJzyu_XQQLbYCNYpcCm-31Q@mail.gmail.com> (raw)
In-Reply-To: <YgknRx/DfkZeyMGC@mail.bsd4all.net>
Yes, I did try that , and :
security.tls.version_min : 1 (was 3)
security.tls.version.enable-deprecated : false (was true)
After I did this, I did get an 'Enable TLSv1.1 / TLSv1.2' button on FIRST
re-load of the page, but pressing this and re-loading had no effect. Still,
I have no option to accept the page's self-signed certificate or proceed,
but still I get only
'Error code: SSL_ERROR_UNSUPPORTED_VERSION'
responses.
I then did try setting :
security.tls.hello_downgrade_check : false (was true)
network.http.spdy.enforce-tls-profile : false (was true)
Still no joy with Firefox 96, Chrome Unstable, EWW, W3M -
ideally, it would be nice if EWW or W3M would let me set
the TLS protocol version to use, with some variable setting -
that is really why I was posting to the emacs-devel list.
And I am curious as to if there is an Emacs package that
enables an 'inferior-nodejs-process' mode, like Slime's
'inferior-lisp-process' , that W3M and|or EWW could use
, to serve the HTML DOM XML for loaded pages,
and to run JavaScript with the DOM model in place
like a browser does - is work done / going on in this
direction ? Otherwise it might be nice project to take on ...
I did raise a Firefox bug about this also :
https://bugzilla.mozilla.org/show_bug.cgi?id=1755196
I am looking into setting up an Apache Module proxy that uses
libcurl to request the router webpage and serve it on my local
host, that seems to be the only way to fix this problem quickly ...
Thanks, Best Regards,
Jason Vas Dias
On 13/02/2022, Herbert J. Skuhra <herbert@gojira.at> wrote:
> On Sun, Feb 13, 2022 at 02:58:15PM +0000, Jason Vas Dias wrote:
>> Good day -
>>
>> I need to access the website of a modem which ONLY supports
>> TLS Version 1.0 - the only CURL options that work for it
>> are :
>> $ curl -ik --tlsv1.0 --basic -u$USER':'$PASS 'https://192.168.1.1'
>> ( options '--tlsv1.'{1,2,3} NO NOT WORK AT ALL ! )
>> OpenSSL s_client also works with ONLY the '-tls1' option
>> (but does not do the HTTP Basic Auth as curl does).
>>
>> I only have access to my up-to-date Fedora 34 Linux x86_64 host,
>> or my Android Phone on the WiFi network it serves with hostapd.
>>
>> It has been the case for a while that Firefox / Chrome for Linux
>> do not permit me to use TLS-v1 - only Windows 10's Internet Explorer
>> used to work, when run from a Qemu/KVM Windows VM under Linux - but
>> now,
>> with latest Windows 10 update, even this support has been removed.
>>
>> So my only home internet connection router's operations / management
>> web-page is now completely inaccessable to me from any of 6 modern
>> browsers
>> I have installed on Linux or Windows :
>> ( latest Firefox, latest Chrome, w3m , eww, lynx, MS-Edge, MS-IE ) -
>> none of them support TLSv1.0 .
>
> Have you tried to set
>
> security.tls.version.enable-deprecated to true
>
> in Firefox (about:config)?
>
> This still works with Firefox 97.0 and an old(er) SNOM 300 SIP phone.
>
> I have created a separate Firefox profile for this use case.
>
> Maybe other solutions like stunnel, etc. might work too.
>
> --
> Herbert
>
>
next prev parent reply other threads:[~2022-02-13 16:48 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-13 14:58 eww + w3m / GnuTLS TLSv1 support ? Jason Vas Dias
2022-02-13 15:44 ` Herbert J. Skuhra
2022-02-13 16:48 ` Jason Vas Dias [this message]
2022-02-13 17:07 ` Eli Zaretskii
2022-02-14 12:34 ` Jason Vas Dias
2022-02-14 13:25 ` Herbert J. Skuhra
2022-02-14 13:36 ` Jason Vas Dias
2022-02-14 18:51 ` chad
2022-02-15 12:52 ` Jason Vas Dias
2022-02-15 12:55 ` Jason Vas Dias
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CALyZvKwhAOazz0OzuCDFOzvJWaKwJzyu_XQQLbYCNYpcCm-31Q@mail.gmail.com \
--to=jason.vas.dias@gmail.com \
--cc=emacs-devel@gnu.org \
--cc=herbert@gojira.at \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.