Active Topics

 


Page 2 of 3 1 2 3
Reply
Thread Tools
Estel's Avatar
Estel is offline Estel
2014-04-13 , 02:20
Posts: 5,028 | Thanked: 8,613 times | Joined on Mar 2011
#11
Originally Posted by reinob View Post
I actually replaced openssl with version 1.0.1e some time ago.
And no package in extras-devel, eh? You selfish bastard You make our hearts bleed... Or not, in this particular case.
__________________
N900's aluminum backcover / body replacement
-
N900's HDMI-Out
-
Camera cover MOD
-
Measure battery's real capacity on-device
-
TrueCrypt 7.1 | ereswap | bnf
-
Hardware's mods research is costly. To support my work, please consider donating. Thank You!
 

The Following User Says Thank You to Estel For This Useful Post:
nieldk
2014-04-13 , 05:50
Guest | Posts: n/a | Thanked: 0 times | Joined on
#12
hehe, well lets do 1.0.1g on extras then
 

The Following 3 Users Say Thank You to For This Useful Post:
shawnjefferson is offline shawnjefferson
2014-04-13 , 16:44
Posts: 254 | Thanked: 509 times | Joined on Nov 2011 @ Canada
#13
I think OpenSSL is 0.98 on the n900 anyway?

GnuTLS should be patched, as it's actually used by a couple of apps (IIRC), including claws-mail.

BTW, you can run the various python POC heartbleed exploit codes on the n900, works great. I guess you can even run the newest metasploit too if you're adventurous.
 
Dave999's Avatar
Dave999 is offline Dave999
2014-04-13 , 16:47
Posts: 7,075 | Thanked: 9,073 times | Joined on Oct 2009 @ Moon! It's not the East or the West side... it's the Dark Side
#14
Originally Posted by Estel View Post
And no package in extras-devel, eh? You selfish bastard You make our hearts bleed... Or not, in this particular case.
It's the big boy rule...
__________________
Do something for the climate today! Anything!

I don't trust poeple without a Nokia n900...
 
reinob is offline reinob
2014-04-13 , 19:54
Posts: 1,808 | Thanked: 4,272 times | Joined on Feb 2011 @ Germany
#15
Originally Posted by Estel View Post
And no package in extras-devel, eh? You selfish bastard You make our hearts bleed... Or not, in this particular case.
OK, I think this might be the one:
http://talk.maemo.org/showthread.php?p=1385968
(from nieldk).

But this AFAIK does not overwrite 0.9.8, so both coexist. Have to find some time to actually check this.
 

The Following 2 Users Say Thank You to reinob For This Useful Post:
isorn is offline isorn
2014-04-13 , 21:18
Posts: 43 | Thanked: 32 times | Joined on Jan 2010
#16
The versions with the bug are from 1.0.1 to 1.0.1f so maemo's version is ok
 
NIN101 is offline NIN101
2014-04-13 , 22:17
Posts: 115 | Thanked: 342 times | Joined on Dec 2010
#17
The question of course is whether programs will just continue to work with 1.0.1* as with 0.9.8.

I guess a first start would be 0.9.8y, which maybe should have these patches from the older version and obey the configuration in the rules file. too.

For a start, I didn't apply any patch at all, only configured it with " ./config shared --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib". Result: it crashes. Would have been too easy I guess.
__________________
Video showing N900 booting with LUKS encrypted /home/
N900 rescueOS
 
NIN101 is offline NIN101
2014-04-13 , 23:34
Posts: 115 | Thanked: 342 times | Joined on Dec 2010
#18
Ok seems I managed to create a useable compile. Here is how to do it on a working scratchbox.

0. Read everything before you start.
1. Download 0.9.8y sources
2. Apply the patches. Many will apply with offsets. "10_pic.patch" won't apply. We have yet to determine what is actually does and whether we need it. The "2X_openssl-psk" do apply but cause the compilation to fail. I am not sure whether they are still needed for something.
3. ./Configure shared --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib enable-tlsext debian-armel
4. make -f Makefile all. I skipped "make depend" because the rule script also does it does way...
5. Compiliation is done. Libraries can be copied to your N900.
6. This is only for tinkerers for now. I do not claim to know what I am doing.
__________________
Video showing N900 booting with LUKS encrypted /home/
N900 rescueOS
Last edited by NIN101; 2014-04-14 at 00:00.
 

The Following 4 Users Say Thank You to NIN101 For This Useful Post:
PMaff's Avatar
PMaff is offline PMaff
2014-04-15 , 13:08
Posts: 361 | Thanked: 219 times | Joined on Sep 2010
#19
Originally Posted by jonwil View Post
The question to be asked then is, will replacing OpenSSL on the N900 with the newest version break anything and if not, should CSSU do that?
I do not use CSSU currently.
So a replacement on the normal stock N900
would be interesting.

Maybe some accurate depends from the
one who makes the Debian package and some testing
before handout could avoid the largest part of fails?
Last edited by PMaff; 2014-04-15 at 13:11.
 
pichlo's Avatar
pichlo is offline pichlo
2014-04-15 , 16:39
Posts: 6,447 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#20
Originally Posted by PMaff View Post
I do not use CSSU currently.
So a replacement on the normal stock N900
would be interesting.
It certainly would, considering that it is firmly in the hands of Nokia and has not been updated for 3 years

If you want updates, CSSU is the only viable option.
__________________
Русский военный корабль, иди нахуй!
 

The Following 2 Users Say Thank You to pichlo For This Useful Post:
Reply
Page 2 of 3 1 2 3

Tags
heartbleed, nokia n900, openssl, security

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 16:04.

Contact Us - Home - Archive - Top