Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 77108

Summary: SSL v2 disabled in galeon 1.3.18
Product: Gentoo Linux Reporter: Lindsay Haisley <fmouse-gentoo>
Component: Current packagesAssignee: Hanno Böck <hanno>
Status: RESOLVED INVALID    
Severity: normal    
Priority: High    
Version: 1.4   
Hardware: x86   
OS: Linux   
URL: https://www.networksolutions.com/en_US/manage-it/index.jhtml
Whiteboard:
Package list:
Runtime testing required: ---

Description Lindsay Haisley 2005-01-07 21:47:37 UTC 
When trying to log in to NSI's account management secure website with galeon I get an alert box with "You cannot connect to www.networksolutions.com because SSL version 2 is disabled."  I find no switchers in the galeon config UI, nor any ebuild info or USE vars which seem to relate to this.  SSL v2 is turned on in Mozilla.  Firefox, Mozilla and Epiphany all have no problem with this page.


# emerge info
Portage 2.0.51-r3 (default-linux/x86/2004.0, gcc-3.3.4, glibc-2.3.4.20040808-r1, 2.6.9-gentoo-r9 i686)
=================================================================
System uname: 2.6.9-gentoo-r9 i686 Intel(R) Pentium(R) 4 CPU 2.60GHz
Gentoo Base System version 1.4.16
ccache version 2.3 [enabled]
Autoconf: sys-devel/autoconf-2.59-r5
Automake: sys-devel/automake-1.8.5-r1
Binutils: sys-devel/binutils-2.15.90.0.1.1-r3
Headers:  sys-kernel/linux26-headers-2.6.8.1-r1
Libtools: sys-devel/libtool-1.5.2-r7
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O2 -mcpu=pentium4 -march=pentium4 -fprefetch-loop-arrays -pipe"
CHOST="i686-pc-linux-gnu"
COMPILER=""
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.1/share/config /usr/kde/3.2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/lib/mozilla/defaults/pref /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O2 -mcpu=pentium4 -march=pentium4 -fprefetch-loop-arrays -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs autoconfig ccache distlocks sandbox sfperms"
GENTOO_MIRRORS="ftp://gentoo.noved.org/ http://gentoo.noved.org/ ftp://ftp.ussg.iu.edu/pub/linux/gentoo"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 X Xaw3d acl acpi alsa apache2 apm arts avi berkdb bindist bitmap-fonts bonobo cdr crypt cups curl doc dvd dvdr encode esd evo fam fastcgi flac flash foomaticdb fortran gdbm gif gnome gpm gps gstreamer gtk gtk2 gtkhtml guile hal imagemagick imap imlib ipv6 java jikes jpeg junit libwww mad maildir mcal mikmod motif mozilla mpeg mysql nas ncurses nls oggvorbis opengl oss pam pdflib perl plotutils png ppds python quicktime readline samba sasl scanner sdl slang slp snmp spell sse ssl svga tcltk tcpd tetex tiff truetype usb xml xml2 xmms xosd xv zeo zlib"
Comment 1 Lindsay Haisley 2005-01-07 21:49:50 UTC 
I should add that galeon has no problem with other secure pages, e.g. https://secure.fmp.com.
Comment 2 Hanno Böck gentoo-dev 2005-01-10 01:09:40 UTC 
This is not a bug, it's just galeon's default-behaviour disabling sslv2.
You can enable it by typing about:config in galeons address-bar and creating a boolean key called
security.enable_ssl2
and set it to "true".

But the better solution would probably forcing your provider to enable sslv3.
Comment 3 Lindsay Haisley 2005-01-10 08:21:41 UTC 
OK, thank you!

I guess the basic problem here is that this configuration interface is poorly documented, if at all.  I browsed through the Galeon Users Guide and without doing more than digging in the obvious places (the obvious place is "Setting Galein Preferences"), I found nothing about about:config.  I inquired about this problem on the gentoo-desktop list and no one there, including a number of gentoo devs, knew about this setting, apparently.  If I have any doubt at all that a problem I'm having is a true bug, and not just a config problem, I always inquire on one or more of the gentoo lists first to see if I can track an answer down.

I guess the "true bug" here is that about:config isn't well documented, and I or someone should probably file a doc bug on this.  If it's documented on the web somewhere, a subsection "Advanced" under "Setting Galeon Preferences" might simply provide a link to same.  Apparently these settings (or some of them) are gconf settings, which I thought I checked before filing a bug.  Apparently not, so it's my bad on this.

As far as getting NSI to switch to SSLv3, I have about as much chance of that as I had of keeping George W Bush from invading Iraq in '03 (and I made some efforts on the latter!).  NSI has been notoriously unresponsive and unhelpful on many fronts, which is why they've lost a substantial fraction of their domain name registry business to other, more consumer-friendly registrars.  Unfortunately, I still have a few customer domains registered through them and from time to time I have to deal with their account management UI :-(