Results 1 to 5 of 5

Thread: TLS 1.2 support for Windows XP

  1. #1
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    35,092
    Activity Longevity
    11/20 19/20
    Today Posts
    4/5 ssss35092

    TLS 1.2 support for Windows XP

    The included readme tells you everything you need to know, but I'll quote the most relevant parts:

    Code:
    NOTE: This patch only works on the x86 edition of Windows XP. It won't
    work on x64 or Windows Server 2003, and attempts at applying it to
    either will completely break your system.
    
    Here's the list of things you will have after doing all this:
    * Support for the TLS 1.1 and 1.2 protocols on programs that use
    Schannel and do not specify one by default (e.g. uTorrent)
    * Support for the AES 128 and 256 ciphers on programs that use Schannel
    (most Windows and .NET apps)
    * Support for SHA-128, 256 and 512 certificate signatures
    * A more secure setup that disables most cipher suites known to be weak
    or insecure as of May 2018
    
    And the things you _won't_ have:
    * TLS 1.1 and 1.2 support on Internet Explorer 8
    * Forward secrecy and elliptic curve encryption ciphers
    * Server Name Indication (an extension that's unrelated to the protocol
    version in use and not implemented by Microsoft)
    * TLS session tickets (same)
    If you're getting a "received an unexpected EOF or 0 bytes from the transport stream" on mRatio or RatioMaster Plus under Windows XP, installing this may fix it. Unfortunately, I was unable to get either program to use TLS 1.2 no matter what I tried (up to and including stealing a copy of System.dll from newer versions of the .NET Framework), so they're stuck with TLS 1.0.

    Enjoy!

    Attached Files Attached Files
    "Come visit sometime, okay? We'll always be here for you. We... we all love you."
    Reply With QuoteReply With Quote
    Thanks

  2. Who Said Thanks:

    DashingDave (16.10.18) , lost.keys (02.10.18) , H265 (30.05.18) , cloud99 (30.05.18)

  3. #2
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    35,092
    Activity Longevity
    11/20 19/20
    Today Posts
    4/5 ssss35092
    As it turns out, you can get TLS 1.1 and 1.2 support on IE8 if you uncomment a certain block of the attached registry file that says otherwise and install KB4339093...



    Of course, there's no forward secrecy or SNI, and Internet Explorer 8 is still Internet Explorer 8, but if you're reading this thread you probably don't care
    "Come visit sometime, okay? We'll always be here for you. We... we all love you."
    Reply With QuoteReply With Quote
    Thanks

  4. Who Said Thanks:

    lost.keys (02.10.18)

  5. #3
    WTF, Waffles is working on XP again!!! They only use HTTPs tracker announcer and thanks to this method, it is now possible to use uTorrent with Waffles & any other tracker using HTTPs announcers. Very underappreciated post right there, people...

    God, how I love SB-Innovation, for many years now... Anon & Lucius - you guys are some kult personnes
    Reply With QuoteReply With Quote
    Thanks

  6. Who Said Thanks:

    alpacino (02.10.18)

  7. #4
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    35,092
    Activity Longevity
    11/20 19/20
    Today Posts
    4/5 ssss35092
    This was just a throwaway project of mine until someone reported mRatio was broken on Waffles under Windows XP, and version 1 of this patch solved the problem. At that point, I decided to improve it with files from newer security updates and give it a separate thread. It took me two days to test and put everything together, so I'm glad it was useful I can't believe Microsoft never added support for the AES cipher through a "normal" update during the 13 years Windows XP was officially supported.

    Also, you are fortunate Waffles is apparently hosted on a dedicated server (as this patch doesn't add SNI support), and to a lesser degree that it supports the cipher suites listed above, though the latter isn't likely to change soon. A lot of sites still allow the relatively unsafe combination of RSA, AES and SHA1 (which by the way is all mRatio can do under XP even after installing this, due to its reliance on .NET 2.0).

    Also², I wanted to backport GPT support from Server 2003 to XP as well, but tests have been unsuccessful thus far.
    "Come visit sometime, okay? We'll always be here for you. We... we all love you."
    Reply With QuoteReply With Quote
    Thanks

  8. #5

    Join Date
    15.10.18
    Location
    United Arab Emirates
    P2P Client
    uTorrent
    Posts
    6
    Activity Longevity
    0/20 1/20
    Today Posts
    0/5 ssssssss6
    This information is very useful. It works perfectly as it should on Windows 7.
    I hope XP guys can make it work though! Everything needs a little effort.
    Reply With QuoteReply With Quote
    Thanks

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •