Results 1 to 5 of 5

Thread: TLS 1.2 support for Windows XP

  1. #1
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    34,932
    Activity Longevity
    11/20 19/20
    Today Posts
    1/5 ssss34932

    TLS 1.2 support for Windows XP

    The included readme tells you everything you need to know, but I'll quote the most relevant parts:

    Code:
    NOTE: This patch only works on the x86 edition of Windows XP. It won't
    work on x64 or Windows Server 2003, and attempts at applying it to
    either will completely break your system.
    
    Here's the list of things you will have after doing all this:
    * Support for the TLS 1.1 and 1.2 protocols on programs that use
    Schannel and do not specify one by default (e.g. uTorrent)
    * Support for the AES 128 and 256 ciphers on programs that use Schannel
    (most Windows and .NET apps)
    * Support for SHA-128, 256 and 512 certificate signatures
    * A more secure setup that disables most cipher suites known to be weak
    or insecure as of May 2018
    
    And the things you _won't_ have:
    * TLS 1.1 and 1.2 support on Internet Explorer 8
    * Forward secrecy and elliptic curve encryption ciphers
    * Server Name Indication (an extension that's unrelated to the protocol
    version in use and not implemented by Microsoft)
    * TLS session tickets (same)
    If you're getting a "received an unexpected EOF or 0 bytes from the transport stream" on mRatio or RatioMaster Plus under Windows XP, installing this may fix it. Unfortunately, I was unable to get either program to use TLS 1.2 no matter what I tried (up to and including stealing a copy of System.dll from newer versions of the .NET Framework), so they're stuck with TLS 1.0.

    Enjoy!

    Attached Files Attached Files
    "Come visit sometime, okay? We'll always be here for you. We... we all love you."
    Reply With QuoteReply With Quote
    Thanks

  2. Who Said Thanks:

    DashingDave (16.10.18) , lost.keys (02.10.18) , H265 (30.05.18) , cloud99 (30.05.18)

  3. #2
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    34,932
    Activity Longevity
    11/20 19/20
    Today Posts
    1/5 ssss34932
    As it turns out, you can get TLS 1.1 and 1.2 support on IE8 if you uncomment a certain block of the attached registry file that says otherwise and install KB4339093...



    Of course, there's no forward secrecy or SNI, and Internet Explorer 8 is still Internet Explorer 8, but if you're reading this thread you probably don't care
    "Come visit sometime, okay? We'll always be here for you. We... we all love you."
    Reply With QuoteReply With Quote
    Thanks

  4. Who Said Thanks:

    lost.keys (02.10.18)

  5. #3
    lost.keys's Avatar
    Join Date
    11.01.13
    Posts
    19
    Activity Longevity
    0/20 10/20
    Today Posts
    0/5 sssssss19
    WTF, Waffles is working on XP again!!! They only use HTTPs tracker announcer and thanks to this method, it is now possible to use uTorrent with Waffles & any other tracker using HTTPs announcers. Very underappreciated post right there, people...

    God, how I love SB-Innovation, for many years now... Anon & Lucius - you guys are some kult personnes
    Reply With QuoteReply With Quote
    Thanks

  6. Who Said Thanks:

    alpacino (02.10.18)

  7. #4
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    34,932
    Activity Longevity
    11/20 19/20
    Today Posts
    1/5 ssss34932
    This was just a throwaway project of mine until someone reported mRatio was broken on Waffles under Windows XP, and version 1 of this patch solved the problem. At that point, I decided to improve it with files from newer security updates and give it a separate thread. It took me two days to test and put everything together, so I'm glad it was useful I can't believe Microsoft never added support for the AES cipher through a "normal" update during the 13 years Windows XP was officially supported.

    Also, you are fortunate Waffles is apparently hosted on a dedicated server (as this patch doesn't add SNI support), and to a lesser degree that it supports the cipher suites listed above, though the latter isn't likely to change soon. A lot of sites still allow the relatively unsafe combination of RSA, AES and SHA1 (which by the way is all mRatio can do under XP even after installing this, due to its reliance on .NET 2.0).

    Also², I wanted to backport GPT support from Server 2003 to XP as well, but tests have been unsuccessful thus far.
    "Come visit sometime, okay? We'll always be here for you. We... we all love you."
    Reply With QuoteReply With Quote
    Thanks

  8. #5

    Join Date
    15.10.18
    Location
    United Arab Emirates
    P2P Client
    uTorrent
    Posts
    6
    Activity Longevity
    0/20 1/20
    Today Posts
    0/5 ssssssss6
    This information is very useful. It works perfectly as it should on Windows 7.
    I hope XP guys can make it work though! Everything needs a little effort.
    Reply With QuoteReply With Quote
    Thanks

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188