Boris Wachtmeister 67f8ed44bd disable all really weak cipher suites ... With #959 all ciphers of the platform were enabled, but this also includes several suites that are considered as very weak, even down to NULL- and anon-ciphers which disable completely disable encryption and/or authentication. Especially the anon-ciphers could be easily used for a mitm-attack. To remove all weak ciphers a blacklist with patterns of cipher-names was added to Config.java. The blacklist is based on the "mandatory discards" that Mozilla suggests to not use for TLS-servers because they are weak or known to be broken. https://wiki.mozilla.org/Security/Server_Side_TLS#Mandatory_discards		2015-03-07 15:48:29 +01:00
..
crypto	added typing notifications through XEP-0085. fixed #210	2015-02-21 11:06:52 +01:00
entities	added methods to count number of unread messages	2015-03-02 11:53:15 +01:00
generator	added typing notifications through XEP-0085. fixed #210	2015-02-21 11:06:52 +01:00
http	Use platform ciphers as well, just prefer ours	2015-02-02 11:16:22 -05:00
parser	fixed npe in message parser	2015-03-06 21:14:55 +01:00
persistance	catching out of memory run time exception in hasEnabledAccounts()	2015-02-28 12:03:53 +01:00
services	avoid unnecessary thread creation	2015-03-05 15:46:33 +01:00
ui	fixed enter is send option	2015-03-06 22:22:50 +01:00
utils	disable all really weak cipher suites	2015-03-07 15:48:29 +01:00
xml	Add support for XEP-0191 (Blocking command)	2014-12-22 08:19:00 -05:00
xmpp	avoid unnecessary thread creation	2015-03-05 15:46:33 +01:00
Config.java	disable all really weak cipher suites	2015-03-07 15:48:29 +01:00