Bug#390712: Same problem, nearly same hardware

Marc Haber mh+debian-packages at zugschlus.de
Wed Dec 13 12:46:51 UTC 2006


On Tue, Dec 05, 2006 at 05:18:25PM +0100, Hanno 'Rince' Wagner wrote:
> I also have a Sony-Ericsson P990i (Germany, non-branded by a phone
> provider)

The P990i seems to have issues when connecting to a GnuTLS server. We
have verified this by having the phone connect to gnutls-serv. The
phone and gnutls-serv negotiate TLS 1.0 with AES128 and SHA-1, and
this seems to be the culprit. The phone does not support TLS 1.1. The
connection works fine when gnutls-serv is configured to use SSL3.0
instead of TLS 1.0, and it works as well when TLS1.0 is allowed but
SHA-1 is forbidden. Unfortunately, the cipher falls back to ARCFOUR
when SHA-1 is forbidden.

In exim, the MAC can only be influenced by modifying the actual source
code, and I have verified that an exim compiled with SHA-1 disabled in
the sources can talk to Hanno's phone.

The GnuTLS people are in on this, and I'll report back as soon as we
have new findings.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835




More information about the Pkg-exim4-maintainers mailing list