Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: About the upcoming deprecation of NSS
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Aaltonen Eero via curl-library <curl-library_at_lists.haxx.se>
Date: Thu, 11 Aug 2022 11:32:57 +0000
On Tue, 2022-07-19 at 11:39 +0200, Daniel Stenberg via curl-library
wrote:
> On Sun, 17 Jul 2022, lwthiker via curl-library wrote:
>
> > I've just found out about the upcoming deprecation of the NSS
> > support while trying to build curl with it. I'd like to point out a
> > current use case for using curl+NSS as part of "curl-impersonate",
> > a curl fork that I maintain and is available at
> > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Flwthiker%2Fcurl-impersonate&data=05%7C01%7Ceero.aaltonen%40vaisala.com%7Cdb4940faf80b4d7bad6d08da696aa36b%7C6d7393e041f54c2e9b124c2be5da5c57%7C0%7C0%7C637938203974034364%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=0bTrNTqMyDTznLa83gSBVScJVgeBFx9Kkur6THgsvkM%3D&reserved=0
> > .
> > NSS is used there to configure curl to look like Firefox when it
> > comes to the TLS handshake. The project seems to have quite a
> > substantial number of users using it currently, and specifically
> > the Firefox mode.
>
> Thanks for pointing this out, it should certainly be taken into
> account and used when making a decision about NSS's future in curl.
<snip>
> The additional magic that allowed NSS code to read PEM certs from
> file made curl+NSS get features used by a lot of users requires extra
> external magic, so when you use curl+NSS outside of Red Hat Linux
> that's not available and it becomes a less pleasent experience.
In Debian and Ubuntu, said magic is provided in the
nss-plugin-pem package.
BR,
Date: Thu, 11 Aug 2022 11:32:57 +0000
On Tue, 2022-07-19 at 11:39 +0200, Daniel Stenberg via curl-library
wrote:
> On Sun, 17 Jul 2022, lwthiker via curl-library wrote:
>
> > I've just found out about the upcoming deprecation of the NSS
> > support while trying to build curl with it. I'd like to point out a
> > current use case for using curl+NSS as part of "curl-impersonate",
> > a curl fork that I maintain and is available at
> > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Flwthiker%2Fcurl-impersonate&data=05%7C01%7Ceero.aaltonen%40vaisala.com%7Cdb4940faf80b4d7bad6d08da696aa36b%7C6d7393e041f54c2e9b124c2be5da5c57%7C0%7C0%7C637938203974034364%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=0bTrNTqMyDTznLa83gSBVScJVgeBFx9Kkur6THgsvkM%3D&reserved=0
> > .
> > NSS is used there to configure curl to look like Firefox when it
> > comes to the TLS handshake. The project seems to have quite a
> > substantial number of users using it currently, and specifically
> > the Firefox mode.
>
> Thanks for pointing this out, it should certainly be taken into
> account and used when making a decision about NSS's future in curl.
<snip>
> The additional magic that allowed NSS code to read PEM certs from
> file made curl+NSS get features used by a lot of users requires extra
> external magic, so when you use curl+NSS outside of Red Hat Linux
> that's not available and it becomes a less pleasent experience.
In Debian and Ubuntu, said magic is provided in the
nss-plugin-pem package.
BR,
-- Eero Aaltonen -- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2022-08-11