On Sun, Oct 08, 2000 at 12:47:40PM -0700, Doug Kaufman wrote:
> On Sun, 8 Oct 2000, Bob Izenberg wrote:
>
> The message below from John Huang
> <address@hidden> was forwarded
> by the list moderator.
>
> >I would have upgraded to a newer version of lynx, except that the last
> >time I tried, I couldn't get 2.8.3rel.1 lynx to work with
> >https://www.edreyfus.com/cgi-bin/login. So I decided to stay with
> >2.8rel.2. If somebody has succeeded in accessing this site using the
> >latest lynx, do please let me know, and I'll attempt my upgrade again.
>
> I think the problem with "https://www.edreyfus.com" is with the
> SSL connection rather than with lynx itself. I can connect with an
> old SSLeay-based proxy, but not with a current openssl-based one.
> Investigating with "openssl s_client", it appears that you need to
> turn off ssl3 and tsl1 before you can get a handshake with that
> server. Hence I can connect with "openssl s_client -ssl2". At least
> with the eassl and edssl proxies, I don't see a way to turn this
> off at runtime. I don't know if there is a way to configure this at
> runtime with lynx built with the SSL patch. If this is a site that you
> need to visit frequently, you could consider rebuilding openssl with
> ssl3 ant tsl1 disabled, then linking lynx with this library.
That is correct. www.edreyfus.com only likes ssl2, and is really
impolite about even -ssl23 which should try to adapt.
I would suggest emailing edryfus, but given the state of their server,
a telegram might be more likely to be received :).
> I am forwarding a copy of this to Tom Zerucha, since I am not sure if
> he is still following lynx-dev regularly.
I don't monitor it, but I still use Lynx regularly.