Bug#390712: Same problem, nearly same hardware
Marc Haber
mh+debian-packages at zugschlus.de
Wed Dec 13 12:46:51 UTC 2006
On Tue, Dec 05, 2006 at 05:18:25PM +0100, Hanno 'Rince' Wagner wrote:
> I also have a Sony-Ericsson P990i (Germany, non-branded by a phone
> provider)
The P990i seems to have issues when connecting to a GnuTLS server. We
have verified this by having the phone connect to gnutls-serv. The
phone and gnutls-serv negotiate TLS 1.0 with AES128 and SHA-1, and
this seems to be the culprit. The phone does not support TLS 1.1. The
connection works fine when gnutls-serv is configured to use SSL3.0
instead of TLS 1.0, and it works as well when TLS1.0 is allowed but
SHA-1 is forbidden. Unfortunately, the cipher falls back to ARCFOUR
when SHA-1 is forbidden.
In exim, the MAC can only be influenced by modifying the actual source
code, and I have verified that an exim compiled with SHA-1 disabled in
the sources can talk to Hanno's phone.
The GnuTLS people are in on this, and I'll report back as soon as we
have new findings.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835
More information about the Pkg-exim4-maintainers
mailing list