Jump to content

POSReady 2009 updates ported to Windows XP SP3 ENU

glnz

By glnz
in Windows XP

 Share

Recommended Posts

roytam1

roytam1

Posted
Posted
4 hours ago, heinoganda said:

Of course there was an update to Windows XP, KB4042723 (wzcsvc.dll). According to my manufacturer of the router, this is not affected with the current firmware, best at your router manufacturer inquire / inform.

Today, there was another update (KB4019276  downloadinfo) for Windows XP to support TLS 1.1 and TLS 1.2 (client - server / IIS).

:)

Does anyone ever tried enabling TLS 1.1/1.2 on XP with success?


i430VX

i430VX

Posted
Posted (edited)
46 minutes ago, roytam1 said:

Does anyone ever tried enabling TLS 1.1/1.2 on XP with success?

I followed the instructions, nothing in IE8. (as in tls 1.1+ only sites still don't work, no check boxes in Internet options.)
I may be wrong and it's not for IE8 and for something else.

Unsure if it works at system level, don't know how to check that. 

Edited by i430VX
Dibya

Dibya

Posted
Posted (edited)
8 hours ago, heinoganda said:

Of course there was an update to Windows XP, KB4042723 (wzcsvc.dll). According to my manufacturer of the router, this is not affected with the current firmware, best at your router manufacturer inquire / inform.

Today, there was another update (KB4019276  downloadinfo) for Windows XP to support TLS 1.1 and TLS 1.2 (client - server / IIS).

:)

My dreams comes true.  Tls1.2 in xp oh yeah 

Have you tried chrome? 

I cannot find any crypt32 in XP hot fix which is essential for TLS1.2.

any one can check it out ?

Edited by Dibya
heinoganda

heinoganda

Posted
Posted (edited)

Because of KB4019276, communication between a client and server with TLS 1.1 and TLS 1.2 is possible (domain controller and IIS). Root certificates with encryption ECDHE_ECDSA are still not supported and have no effect with IE8 on Windows XP. Chromium-based web browsers use the certificate management of Windows, since it already supports TLS 1.1 and TLS 1.2 certificates, but no ECDHE_ECDSA certificates, does not change with this update.

 

without KB4019276

cxp-tls_1.jpg

with KB4019276

cxp-tls_2.jpg

 

 

@Dibya

Look at the files for Server 2008, which could show you the way for an implementation of modern encryption techniques in Windows XP.

 

Advapi32.dll
Bcrypt.dll
Crypt32.dll
Cryptnet.dll
Cryptsvc.dll
Ksecdd.sys
Lsasrv.dll
Lsasrv.mof
Lsass.exe
Secur32.dll
Ncrypt.dll
Rpcrt4.dll
Wdigest.dll
Msv1_0.dll
Schannel.dll
Mrxsmb10.sys
Mrxsmb20.sys
Mrxsmb.sys

:)

Edited by heinoganda
Dibya

Dibya

Posted
Posted (edited)

Crypt32 needs to be patched.  Others are not essential for nt 5.x. as xp use 3 parameters for crypt32 but vista and newer uses more parameters  (four params I think)

I have to find which api deals with   ECDHE_ECDSA 

Edited by Dibya
heinoganda

heinoganda

Posted
Posted

If the certificate management of Windows XP would also process ECDHE_ECDSA certificates, many problems would be solved with Chromium based webbrowser!

:)

Dibya

Dibya

Posted
Posted (edited)

EmbedTLS from Reactos can process ECDHE_ECDSA certificates. I have to research how they used it in combination of their schannel.dll.  no crypt32 touched. If we move the required code to our schannel.dll then we are all set. We cannot use reactos schannel.dll as it is very buggy. 

Edited by Dibya
roytam1

roytam1

Posted
Posted
10 hours ago, Dibya said:

My dreams comes true.  Tls1.2 in xp oh yeah 

Have you tried chrome? 

I cannot find any crypt32 in XP hot fix which is essential for TLS1.2.

any one can check it out ?

Chrome shows TLS 1.2, but SNI is still not available.

chrome49-xp-tls12-nosni.png

chrome49-xp-tls12.png

heinoganda

heinoganda

Posted
Posted (edited)

@Dibya

No ECC root certificates (signature algorithm 2.840.10045.4.3.3) can be added to the certificate management in Windows XP. Here's the problem!
 

@Dave-H

The update KB4019276 must be downloaded manually. 

http://download.windowsupdate.com/c/msdownload/update/software/updt/2017/10/windowsxp-kb4019276-x86-embedded-enu_3822fc1692076429a7dc051b00213d5e1240ce3d.exe

 

:)

Edited by heinoganda
1
Dave-H

Dave-H

Posted
Posted
1 hour ago, heinoganda said:

 

@Dave-H

The update KB4019276 must be downloaded manually. 


http://download.windowsupdate.com/c/msdownload/update/software/updt/2017/10/windowsxp-kb4019276-x86-embedded-enu_3822fc1692076429a7dc051b00213d5e1240ce3d.exe

 

:)

Thanks, I had already downloaded it, I just wondered whether it would appear as an automatic update or not.
I'll install it manually.
:yes:

@dencorso

Ha, ha!
:lol:

Roffen

Roffen

Posted
Posted
38 minutes ago, heinoganda said:

@Dibya

No ECC root certificates (signature algorithm 2.840.10045.4.3.3) can be added to the certificate management in Windows XP. Here's the problem!
 

@Dave-H

The update KB4019276 must be downloaded manually. 


http://download.windowsupdate.com/c/msdownload/update/software/updt/2017/10/windowsxp-kb4019276-x86-embedded-enu_3822fc1692076429a7dc051b00213d5e1240ce3d.exe

 

:)

 

My problem is that I am  running a Norwegian XP that refuses to update English. Should I rather install English XP. Although SP4 dosn't seem to be bothered by Norwegian XP.

I have got 158 updates since oct. 13.

Last one so far today is:

Windows XPSikkerhetsoppdatering for Microsoft .NET Framework 2.0 SP2 på Windows Server 2003 og Windows XP x86 (KB2742596)18. oktober 2017Automatiske oppdateringer

 
 

heinoganda

heinoganda

Posted
Posted (edited)
1 hour ago, Roffen said:

My problem is that I am  running a Norwegian XP that refuses to update English.

Here is the link for the Norwegian language version of Windows XP. 

http://download.windowsupdate.com/c/msdownload/update/software/updt/2017/10/windowsxp-kb4019276-x86-embedded-nor_be244a0ef03a7b2bd69923b3f7617594b21585fa.exe


:)

Edited by heinoganda

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...