Closed
Bug 335859
Opened 18 years ago
Closed 18 years ago
"<site> has received an incorrect or unexpected message. Error Code: -12229" when visiting site with SSL2 disabled
Categories
(Core :: Security: PSM, defect, P1)
Tracking
()
VERIFIED
FIXED
mozilla1.8.1beta1
People
(Reporter: Gavin, Assigned: KaiE)
References
()
Details
(Keywords: ecommerce, regression, verified1.8.1)
Attachments
(2 files, 1 obsolete file)
3.95 KB,
text/plain
|
Details | |
772 bytes,
patch
|
KaiE
:
review+
nelson
:
review+
darin.moz
:
approval1.8.1+
|
Details | Diff | Splinter Review |
When visiting https://login.pizzapizza.ca/login.html, I get a prompt saying "login.pizzapizza.ca has received an incorrect or unexpected message. Error Code: -12229", and the site doesn't load. If I enable SSL2 by changing security.enable_ssl2 to true using about:config, I can successfully load the page. The page works in Firefox 1.5, regardless of the value of security.enable_ssl2.
Reporter | ||
Comment 1•18 years ago
|
||
Reporter | ||
Comment 2•18 years ago
|
||
This happens on the 1.8 branch and trunk.
Keywords: ecommerce,
regression
Version: Trunk → 1.8 Branch
Comment 3•18 years ago
|
||
looks like we need to try and narrow the regession window. kai, any ideas?
Flags: blocking1.9a1+
Reporter | ||
Comment 4•18 years ago
|
||
I can try and find a regression window later tonight. I had tried when I first saw this a while ago but ended up with the window where the default value of the SSL2 pref was changed.
Reporter | ||
Comment 5•18 years ago
|
||
1.8 branch regression range (testing with SSL2 disabled): http://bonsai.mozilla.org/cvsquery.cgi?branch=MOZILLA_1_8_BRANCH&branchtype=match&date=explicit&mindate=2006-03-21+03%3A00&maxdate=2006-03-22+03%3A00 Seems like this was likely caused by bug 284450. I'm not sure whether that means that this is a bug with the server rather than with Firefox.
Assignee | ||
Comment 6•18 years ago
|
||
This is probably the same as bug 338421, which has been fixed on trunk 2006-05-19. Can you please retest and give an update?
Priority: -- → P1
Target Milestone: --- → mozilla1.8.1
Reporter | ||
Comment 7•18 years ago
|
||
I still see the error message when visiting https://login.pizzapizza.ca/login.html with todays trunk Windows nightly (Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20060530 Minefield/3.0a1).
Comment 8•18 years ago
|
||
*** Bug 340791 has been marked as a duplicate of this bug. ***
Reporter | ||
Updated•18 years ago
|
Flags: blocking1.8.1?
Updated•18 years ago
|
Target Milestone: mozilla1.8.1 → mozilla1.8.1beta1
Assignee | ||
Comment 9•18 years ago
|
||
I was able to connect by adding this error code -12229 SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT to the list that can indicate TLS intolerance. Nelson, do you agree this makes sense?
Attachment #227642 -
Flags: review?(nelson)
Comment 10•18 years ago
|
||
Comment on attachment 227642 [details] [diff] [review] Patch v1 yes, I concur. This is yet another manifestation of TLS intolerance.
Attachment #227642 -
Flags: review?(nelson) → review+
Comment 11•18 years ago
|
||
This bug is yet another argument for fixing PSM's error messages to make them readable (no big negative numbers). bug 107491
Blocks: 107491
Reporter | ||
Comment 12•18 years ago
|
||
As I understand it, this bug's solution is to prevent the message from appearing in the first place, not fixing the bad error message (which would be part of bug 107491, I imagine), so removing the late-l10n keyword.
Keywords: late-l10n
Comment 13•18 years ago
|
||
The error can still occur if the site was not TLS intolerant. Nelson's point is there are a large number of NSS errors which are translated by PSM. Had this error been translated, then the underlying issue may have been more obvious. bob
Reporter | ||
Comment 14•18 years ago
|
||
(In reply to comment #13) > The error can still occur if the site was not TLS intolerant. > Nelson's point is there are a large number of NSS errors which are translated > by PSM. Had this error been translated, then the underlying issue may have been > more obvious. I realize that - my comment was not a reply to Nelson's, I just wanted to make it clear why I was removing the late-l10n keyword. Since fixing this bug does not require adding any localizable strings, there's no reason for it to have that keyword.
Assignee | ||
Comment 15•18 years ago
|
||
In bug 333807 comment 1 Nelson asked me to add error code SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE, too. Marking r=nelson
Attachment #227642 -
Attachment is obsolete: true
Attachment #227733 -
Flags: review+
Assignee | ||
Comment 16•18 years ago
|
||
fixed on trunk
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•18 years ago
|
Attachment #227733 -
Flags: approval1.8.1?
Comment 17•18 years ago
|
||
Comment on attachment 227733 [details] [diff] [review] Patch v2 a=darin on behalf of drivers
Attachment #227733 -
Flags: approval1.8.1? → approval1.8.1+
Updated•18 years ago
|
Attachment #227733 -
Flags: review+
Comment 19•18 years ago
|
||
*** Bug 333807 has been marked as a duplicate of this bug. ***
Reporter | ||
Comment 20•18 years ago
|
||
Verified FIXED using: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1b2) Gecko/20060902 BonEcho/2.0b2 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20060830 Minefield/3.0a1
Status: RESOLVED → VERIFIED
Keywords: fixed1.8.1 → verified1.8.1
You need to log in
before you can comment on or make changes to this bug.
Description
•