Closed yifeikong closed 3 months ago
That's a pretty big commit, I wonder if we would be able to revert it.
Firefox starts to support ECH in recent versions, enabling that with NSS make things even worse.
So it sounds like we're out of luck with the Firefox build and need to emulate using BoringSSL starting curl 8.5?
I'm afraid so, I still need to update the extensions and it should be done. I will first implement firefox120, other older versions should be similar. But if there are some ciphers that are too old to be added back, it won't be supported then.
fyi I manually put libcurl.dll
built via this release into curl_cffi.
It crashed on import on Python3.11
NSS was removed in https://github.com/curl/curl/commit/7c8bae0d9c9b2dfeeb008b9a316117d7b9675175
We can see if reverting that commit in the upstream curl would allow NSS to be linked in again for Firefox, but unfortunately this may not be a long-term sustainable approach.