Commit Graph

11 Commits

Author SHA1 Message Date
Daniel Gultsch
82daf849aa fixed #1039 2015-04-25 14:42:32 +02:00
Boris Wachtmeister
67f8ed44bd disable all really weak cipher suites
With #959 all ciphers of the platform were enabled, but this also
includes several suites that are considered as very weak, even down to
NULL- and anon-ciphers which disable completely disable encryption
and/or authentication. Especially the anon-ciphers could be easily used
for a mitm-attack.

To remove all weak ciphers a blacklist with patterns of cipher-names was
added to Config.java. The blacklist is based on the "mandatory discards"
that Mozilla suggests to not use for TLS-servers because they are weak
or known to be broken.
https://wiki.mozilla.org/Security/Server_Side_TLS#Mandatory_discards
2015-03-07 15:48:29 +01:00
Sam Whited
03d30e4fdb Use platform ciphers as well, just prefer ours 2015-02-02 11:16:22 -05:00
iNPUTmice
bd3fccd2dc don't disable any ciphers 2015-02-02 14:22:49 +01:00
Sam Whited
548a585b2c Harden the TLS connection cipher suites 2015-01-14 13:10:15 -05:00
Sam Whited
cfdda5f8fd Don't escape passwords in SASL
Fixes #671
2014-11-15 21:11:14 -05:00
iNPUTmice
88c3537b68 parse otr-fingerprint in qr codes and nfc. include otr fingerprint in shareable uri where ever possible 2014-11-16 00:20:20 +01:00
Sam Whited
a463f82e3b Cache SCRAM-SHA-1 keys for current session 2014-11-15 12:57:36 -05:00
Sam Whited
0e550789d3 Add SCRAM-SHA1 support
Factor out GS2 tokanization into own class
Add authentication exception class

Fixes #71
2014-11-14 18:00:12 -05:00
Sam Whited
14cfb60952 Refactor authentication code 2014-11-12 10:15:38 -05:00
Sam Whited
281ce3105f Make conversations the root project 2014-10-22 15:47:11 -04:00