Closed
Bug 969891
Opened 11 years ago
Closed 11 years ago
AMO sometimes requires MD5 enabled in the browser
Categories
(Cloud Services :: Operations: Marketplace, task)
Cloud Services
Operations: Marketplace
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 937555
People
(Reporter: msharov, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0 (Beta/Release)
Build ID: 20131118194756
Steps to reproduce:
RC4 and MD5 are currently believed to be insecure, so in about:config I have set security.ssl3.rsa_rc4_128_md5 and _sha to false.
Actual results:
The browser randomly displays MAC error ssl_error_bad_mac_read while accessing the site directly or just fails when using the addons dialog. This only happens sometimes (I'd guess about 1 in 4), perhaps indicating that only some of your servers are affected. Enabling rc4-md5 AND rc4-sha eliminates the problem. Strangely, having either one disabled produces the error.
Expected results:
Since at least some of your servers support work fine without RC4 (reloading the page eventually gets through), all servers should do so. Or, at least figure out why it's a MAC error instead of cipher negotiation failure.
Updated•11 years ago
|
Assignee: nobody → server-ops-amo
Component: Administration → Server Operations: AMO Operations
Product: addons.mozilla.org → mozilla.org
QA Contact: oremj
Version: unspecified → other
Updated•11 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE
Updated•10 years ago
|
Component: Server Operations: AMO Operations → Operations: Marketplace
Product: mozilla.org → Mozilla Services
You need to log in
before you can comment on or make changes to this bug.
Description
•