Re: N900, CSSU and OpenSSL
 

Of course we're interested :-)

Re: N900, CSSU and OpenSSL
 

Definitely we are (but on the road and left my cssu device at home)!

Re: N900, CSSU and OpenSSL
 

do i install all the packages on the folder

Re: N900, CSSU and OpenSSL
 

Hi,

thx for compiling. Tested ssl-packet from post #36, no errors so far*. i'm using cssu (21.2011.38-1Tmaemo10.1)

regards, chris

* but https://blog.fefe.de is already not working in any maemo-browser :-/

Re: N900, CSSU and OpenSSL
 

Yes. I have just dpkg -i libssl0.9.8_0.9.8ze-1+maemo1+0m5+0cssu0_armel.deb (replaced libssl0.9.8 version 0.9.8n-1-maemo4-0m5-0cssu1+thumb1) OK
and then dpkg -i openssl_0.9.8ze-1+maemo1+0m5+0cssu0_armel.deb (replaced 1.0.1e), meaning the package was downgraded - but OK :)

Initial testing (before rebooting) seems OK. Power off now (note: this is my "production" N900). Power on: booted OK to desktop.

mbsync? check. openvpn? check. on-line banking with microb? check. ssh? check. alpine? check.

This is just a quick test. Judging by the number of packages which depend, directly or indirectly, on libssl0.9.8 (like, huh, the whole of maemo) I'd be careful. On the other hand, it's just a library, and whatever fixes are in there are *supposed* to be ABI-compatible, so all should be OK (more(less secure but that's all).

For all I care, I give it my blessing :)

Re: N900, CSSU and OpenSSL
 

It also doesn't work on Firefox 37beta on Windows 7 (work). Nor on Internet Explorer 10 (I get "the proxy server isn't responding"). With links2 on debian/jessie 32-bit I get "verification failure: unable to get local issuer certificate".

(sorry for the weird tests, but this is all I have access to right now).

In short: that page has an invalid certificate. Your N900 is working just fine.

Re: N900, CSSU and OpenSSL
 

Exactly, as
http://blog.fefe.de/
works just fine on MicroB.

Re: N900, CSSU and OpenSSL
 

Since the openssl Nokia patches that freemangordon has forward-ported (thanks!) are required to meet the RFC 4279 specs for PSK-TLS and in the detail SUPL servers connection, please check also the applications using AGPS (with a valid supl server setting)
Syslog shoud report if something is going wrong.

Refs:
https://tools.ietf.org/html/rfc4279
http://rt.openssl.org/Ticket/Display...est&pass=guest

Re: N900, CSSU and OpenSSL
 

I will (try to) upload 0.9.8zf (the one that got released yesterday) in cssu-devel by the end of the day, maybe wait a bit for further testing to not double the effort.

Re: N900, CSSU and OpenSSL
 

done:

http://talk.maemo.org/showpost.php?p...&postcount=439

Re: N900, CSSU and OpenSSL
 

Thank you freemangordon! Succesfully installed. You make dreams come true. No errors in MicroB when connecting to my bank. However, I get no connection lock on N900 with A-GPS in Marble and Tablet Mode.
External GPS Device does have position lock.
Any idea how to solve that?

I saw in dependencies that 'ca-certificates' was recommended.

In any case, thank you :)

Edit: Got a GPS Lock, but after minutes, as opposed to seconds, which never happened before with my setup. Is openssl the culprit?
Edit2: After a reboot, I get a lock after 30 seconds. All is fine. Thank you. :)

Re: N900, CSSU and OpenSSL
 

shouldn't be, I tried it here and got lock in 7 seconds. also. in syslog I see a successful connection to supl.nokia.com.

Re: N900, CSSU and OpenSSL
 

You're right, it was not related, after reboot I got a quick lock.

I've been dreaming about this day for months, thank you.

Re: N900, CSSU and OpenSSL
 

Probably location-proxy was already loaded using previous openssl version.

Re: N900, CSSU and OpenSSL
 

That should not matter, the old openssl (n) doesn't have issues with supl servers either

Re: N900, CSSU and OpenSSL
 

How to add tls 1.2 to maemo and pass ssllabs.com browser test on microb?