[SailfishDevel] Sailfish HTTPS / SSL default cipher list
Hi Sailors!

After reading about the weak cipher list used in the latest Android devices [ http://op-co.de/blog/posts/android_ssl_downgrade/ ], I decided to check how Sailfish looks. Fortunately, the native QML apps seem to use strong ciphers as the default ciphers, at least in the emulator. However, I can't test the Sailfish/Jolla Android emulator, because I don't have access to it. It would be great if someone who has access to it could ensure that its cipher list doesn't have weak ciphers as default ciphers. We don't want pirates to attack our connections :)

Here are my results from Sailfish SDK alpha, Android 2.2 and 4.2.2 emulator. I ran the emulators with simple apps which took https connections and at the same time I ran ssldump to see the cipher list. My ssldump version is 0.9b3 (Ubuntu 12.04) and it can't recognize all ciphers, but the unknown values can be found at http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml - I have expanded some of them in the ssldumps.

> ssldump -i wlan0 -p 80

Sailfish SDK alpha, QML hello world app with this code:

    IconButton {
        icon.source: "https://www.google.com/images/srpr/logo4w.png";
        onClicked: console.log("Google!!!")
    }

cipher suites
Unknown value 0xa3 [TLS_DHE_DSS_WITH_AES_256_GCM_SHA384]
Unknown value 0x9f [TLS_DHE_RSA_WITH_AES_256_GCM_SHA384]
Unknown value 0x6b [TLS_DHE_RSA_WITH_AES_256_CBC_SHA256]
Unknown value 0x6a [TLS_DHE_DSS_WITH_AES_256_CBC_SHA256]
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Unknown value 0x88
Unknown value 0x87
Unknown value 0x9d
Unknown value 0x3d
TLS_RSA_WITH_AES_256_CBC_SHA
Unknown value 0x84
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0xa2
Unknown value 0x9e
TLS_DHE_DSS_WITH_NULL_SHA
Unknown value 0x40
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
Unknown value 0x9a
Unknown value 0x99
Unknown value 0x45
Unknown value 0x44
Unknown value 0x9c
Unknown value 0x3c
TLS_RSA_WITH_AES_128_CBC_SHA
Unknown value 0x96
Unknown value 0x41
TLS_RSA_WITH_IDEA_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5
Unknown value 0xff

Android 2.2 emulator

cipher suites
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5
Unknown value 0xff

Android 4.2.2 emulator

cipher suites
TLS_RSA_WITH_RC4_128_MD5 BAD!!!
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
Unknown value 0xc002
Unknown value 0xc004
Unknown value 0xc005
Unknown value 0xc00c
Unknown value 0xc00e
Unknown value 0xc00f
Unknown value 0xc007
Unknown value 0xc009
Unknown value 0xc00a
Unknown value 0xc011
Unknown value 0xc013
Unknown value 0xc014
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0xc003
Unknown value 0xc00d
Unknown value 0xc008
Unknown value 0xc012
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
Unknown value 0xff

Firefox 21 (just to show how it looks)

cipher suites
Unknown value 0xff [TLS_EMPTY_RENEGOTIA
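
The comparison in the message above can be automated. The following is an added example, not part of the original post: it reads ssldump's "cipher suites" lines in client preference order, resolves "Unknown value" codes through a small subset of the IANA registry, and reports where weak suites sit in the list. The function names, the `WEAK` token set and the sample input are assumptions of this example.

```python
import re

# Subset of the IANA TLS cipher suite registry for codes that ssldump 0.9b3
# prints as "Unknown value"; extend it from the registry as needed.
IANA = {
    0x009D: "TLS_RSA_WITH_AES_256_GCM_SHA384",
    0x009F: "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
    0x00FF: "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
    0xC007: "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
    0xC011: "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
    0xC014: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
}

# Name tokens treated as weak here (a choice made for this example).
WEAK = {"NULL", "EXPORT", "RC4", "RC2", "DES", "DES40", "MD5", "anon"}

def parse_suites(dump):
    """Return suite names in the order the client offered them."""
    names = []
    for line in dump.splitlines():
        line = line.strip()
        m = re.match(r"Unknown value (0x[0-9a-fA-F]+)", line)
        if m:
            code = int(m.group(1), 16)
            names.append(IANA.get(code, f"UNKNOWN_0x{code:04X}"))
        elif line.startswith("TLS_"):
            names.append(line.split()[0])  # drop trailing hand-written notes
    return names

def audit(dump):
    """Return (position, name, weak_tokens) for every weak suite offered."""
    findings = []
    for pos, name in enumerate(parse_suites(dump)):
        hits = sorted(WEAK & set(name.split("_")))
        if hits:
            findings.append((pos, name, hits))
    return findings

# Constructed sample in ssldump's one-suite-per-line layout.
SAMPLE = """\
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_AES_128_CBC_SHA
Unknown value 0xc011
Unknown value 0x9f [TLS_DHE_RSA_WITH_AES_256_GCM_SHA384]
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
Unknown value 0xff
"""
```

A finding at position 0 means the client prefers a weak suite over everything else it offers, which is the condition the linked blog post describes; weak suites that appear only at the tail of the list matter when the server picks them anyway.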
Re: [SailfishDevel] System management is locked by the application with pid 5695 (zypper) - Win 7 (behind proxy)
In Windows -> Computer -> environment variables I created a system/global variable *http_proxy* with value *http:// :@:*

I also set those settings in SDKMaintenanceTool.exe under Settings.

br
simon :-)

On Tue, Oct 15, 2013 at 8:12 PM, Juha Kallioinen wrote:

> On 10.10.2013 11:14, Simon Bolek wrote:
>
>>
>> I am behind the Proxy and already set up the http_proxy in global
>> variables like:
>> http://:@<**host>:
>>
>> When I try to manage->find a package e.g. ofono, I get:
>>
>> +++
>> NoMethodError at /C/targets/add
>> undefined method `include?' for nil:NilClass
>> file: sdk_helper.rb location: toolchain_exists line: 210
>> +++
>>
>> Are there issues when working behind proxy / win 7?
>>
>> Hello,
>
> how did you set the proxy environment variables? There's probably a bug
> somewhere in the SDK control center, since the proxy case hasn't been
> tested at all, afaik.
>
> Best regards,
> Juha
>
> ___ SailfishOS.org Devel mailing list