Active Topics
-
Firefox with Leste (10)
to Maemo 7 / Leste by teroyk - 2 days, 21 hrs ago - more...
 |
|
2014-10-31
, 08:03
|
|
Posts: 4,118 |
Thanked: 8,901 times |
Joined on Aug 2010
@ Ruhrgebiet, Germany
|
#32
|
@foobar
That would be excellent!
What did you change?
How is connection negotiated now? I.e. for real TLS I need to set what? SSL and if fails it switches to TLS? (That is the way also N9 handles: if I set TLS it does not connect, if I set SSL it connects, but openssl clearly states on that secureimap.t-online.de:993 is only TLS activated (no SSL no STARTTLS)
)
Did you change (and what) on gitorious? (I guess/hope only on local branch?)
Please ping freemangordon for repo part! [this should not distract him too much from ongoing RE'ing tasks? BIG kudos to him!]
Last edited by peterleinchen; 2014-10-31 at 08:24.
That would be excellent!
What did you change?
How is connection negotiated now? I.e. for real TLS I need to set what? SSL and if fails it switches to TLS? (That is the way also N9 handles: if I set TLS it does not connect, if I set SSL it connects, but openssl clearly states on that secureimap.t-online.de:993 is only TLS activated (no SSL no STARTTLS)
)Did you change (and what) on gitorious? (I guess/hope only on local branch?)
Please ping freemangordon for repo part! [this should not distract him too much from ongoing RE'ing tasks? BIG kudos to him!]
__________________
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!
Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257
editsignature, http://talk.maemo.org/profile.php?do=editsignature
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!
Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257
editsignature, http://talk.maemo.org/profile.php?do=editsignature
Last edited by peterleinchen; 2014-10-31 at 08:24.
|
|
2014-10-31
, 11:38
|
|
Posts: 203 |
Thanked: 445 times |
Joined on Mar 2010
|
#33
|
I've basically allowed TLS (the protocol) on SSL (the modest setting), which previously only allowed SSL2 & SSL3.*
Merge request in git is pending and I'll poke freemangordon on IRC.
[*] We should probably remove SSL2 there.
Merge request in git is pending and I'll poke freemangordon on IRC.
[*] We should probably remove SSL2 there.
| The Following 6 Users Say Thank You to foobar For This Useful Post: | ||
|
|
2014-10-31
, 20:17
|
|
Posts: 1,994 |
Thanked: 3,342 times |
Joined on Jun 2010
@ N900: Battery low. N950: torx 4 re-used once and fine; SIM port torn apart
|
#34
|
Quick reply...
Thank you! Unfortunately, gitorious does not even display this merge request...
https://gitorious.org/modest/modest/merge_requests
Best wishes. Thank you.
~~~~~~~~~~~~~~~~~
Per aspera ad astra...
Thank you! Unfortunately, gitorious does not even display this merge request...
https://gitorious.org/modest/modest/merge_requests
Best wishes. Thank you.
~~~~~~~~~~~~~~~~~
Per aspera ad astra...
| The Following User Says Thank You to Wikiwide For This Useful Post: | ||
|
|
2014-10-31
, 20:35
|
|
Posts: 4,118 |
Thanked: 8,901 times |
Joined on Aug 2010
@ Ruhrgebiet, Germany
|
#35
|
It does show.
https://gitorious.org/community-ssu/...ts?status=Open
@foobar
that was all?
then I really wonder why Nokians left that out
did you already test?
Last edited by peterleinchen; 2014-10-31 at 21:11.
https://gitorious.org/community-ssu/...ts?status=Open
@foobar
that was all?
then I really wonder why Nokians left that out
did you already test?
__________________
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!
Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257
editsignature, http://talk.maemo.org/profile.php?do=editsignature
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!
Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257
editsignature, http://talk.maemo.org/profile.php?do=editsignature
Last edited by peterleinchen; 2014-10-31 at 21:11.
|
|
2014-10-31
, 23:11
|
|
Posts: 203 |
Thanked: 445 times |
Joined on Mar 2010
|
#36
|
Yepp, that's it. Finding the place obviously took more time than the actual patching.
My wild guess is they left it out deliberately, thinking "SSL wrapped" means SSL, not TLS.
Anyway, I tested it with secureimap.t-online.de:993, and even though I don't have an account there, it complained about wrong user/password with the patch (which was "can't connect" before).
My wild guess is they left it out deliberately, thinking "SSL wrapped" means SSL, not TLS.
Anyway, I tested it with secureimap.t-online.de:993, and even though I don't have an account there, it complained about wrong user/password with the patch (which was "can't connect" before).
|
|
2014-11-02
, 14:34
|
|
Posts: 203 |
Thanked: 445 times |
Joined on Mar 2010
|
#37
|
I'm not sure what the release plans are for CSSU, so here is a link to a build of the relevant part of tinymail:
https://storage.camaya.net/public.ph...28f08b025811e1
Besides the change discussed above, it also has SSL2 disabled.
It is built from this git repo: https://gitorious.org/community-ssu/kolps-tinymail
and with CSSU stuff in scratchbox, so there might be some issues if installed on a non-CSSU device (I haven't checked).
Anyway, beware, third party-supplied binary, take note of your currently installed version, etc.
https://storage.camaya.net/public.ph...28f08b025811e1
Besides the change discussed above, it also has SSL2 disabled.
It is built from this git repo: https://gitorious.org/community-ssu/kolps-tinymail
and with CSSU stuff in scratchbox, so there might be some issues if installed on a non-CSSU device (I haven't checked).
Anyway, beware, third party-supplied binary, take note of your currently installed version, etc.
|
|
2014-11-02
, 14:41
|
|
Posts: 1,163 |
Thanked: 1,873 times |
Joined on Feb 2011
@ The Netherlands
|
#38
|
Also thought of renaming "SSL" to "SSL/TLS" at UI level?
__________________
N900 loaded with:
CSSU-T (Thumb)
720p recording,
Pierogi, Lanterne, Cooktimer, Frogatto
N9 16GB loaded with:
Kernel-Plus
--
[TCPdump & libpcap | ngrep]
--
donate
N900 loaded with:
CSSU-T (Thumb)
720p recording,
Pierogi, Lanterne, Cooktimer, Frogatto
N9 16GB loaded with:
Kernel-Plus
--
[TCPdump & libpcap | ngrep]
--
donate
|
|
2014-11-02
, 15:54
|
|
Posts: 2 |
Thanked: 4 times |
Joined on Nov 2014
|
#39
|
Originally Posted by peterleinchen
Isn't the problem in libtinymail rather than in modest? I think libtinymail should enable TLS on SSL connections too. I've built current libtinymail git and it fails to connect on a !SSLv2 !SSLv3 enabled dovecot as you described. Applying this patch:
And I do not believe we will be succesful with our modest STARTTLS anymore, as this implies a connection request without securing.
...
https://gitorious.org/tinymail/agxs-...1a590a53c8f879
allows it to connect again (on port 993). I haven't had a chance to test this on fremantle. Anybody around that can test this on freemantle?
The idea came from evolution's libcamel which has the same issue:
https://bazaar.launchpad.net/~ubuntu...-for-ssl.patch
|
|
2014-11-02
, 15:59
|
|
Posts: 2 |
Thanked: 4 times |
Joined on Nov 2014
|
#40
|
Originally Posted by foobar
Awesome. This basically looks the same as what I just tried with upstream tinymail:
I've basically allowed TLS (the protocol) on SSL (the modest setting), which previously only allowed SSL2 & SSL3.*
Merge request in git is pending and I'll poke freemangordon on IRC.
[*] We should probably remove SSL2 there.
https://gitorious.org/tinymail/agxs-...1a590a53c8f879
 |
| Tags |
| email, modest, send receive |
«
Previous Thread
|
Next Thread
»
|
All times are GMT. The time now is 09:57.
Last edited by foobar; 2014-10-31 at 00:33.