yifeikong
commented
7 months ago That's a pretty big commit, I wonder if we would be able to revert it.
Closed yifeikong closed 3 months ago
yifeikong
commented
7 months ago That's a pretty big commit, I wonder if we would be able to revert it.
yifeikong
commented
7 months ago Firefox starts to support ECH in recent versions, enabling that with NSS make things even worse.
bjia56
commented
7 months ago So it sounds like we're out of luck with the Firefox build and need to emulate using BoringSSL starting curl 8.5?
yifeikong
commented
7 months ago I'm afraid so, I still need to update the extensions and it should be done. I will first implement firefox120, other older versions should be similar. But if there are some ciphers that are too old to be added back, it won't be supported then.
T-256
commented
4 months ago fyi I manually put libcurl.dll built via this release into curl_cffi.
It crashed on import on Python3.11
NSS was removed in https://github.com/curl/curl/commit/7c8bae0d9c9b2dfeeb008b9a316117d7b9675175
We can see if reverting that commit in the upstream curl would allow NSS to be linked in again for Firefox, but unfortunately this may not be a long-term sustainable approach.