KSSL problems
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| kdelibs (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Bug Description
I noticed some SSL strangeness on Dapper Flight 7
The first example arises with the Fidelity web site
because they check that the encryption level
is sufficient, probably using a slightly flawed
algorithm.
1) Go to kcontrol/crypto, enable everything
Go to https:/
Using the security icon in the konqueror status
bar, you can check that it uses AES256-SHA.
2) Click the login button.
Chances are that you go to a page explaining
that you do not have 128 bit
encryption. Note that this is working
on breezy/
3) Return to the crypto configuration and
select the 'most compatible' ciphers.
This disable AES256-SHA in principle.
Click apply. Reload the Fidelity home page.
Check the encryption with the lock icon.
Still AES256-SHA despite being disabled!!!!
4) Disable SSLv3 in the crypto dialog.
This time Fidelity loads in SSLv2 128 bits.
Login still does not work..
The second problem was reported in bug #32846
in kdepim. I am not sure they are related.
I had similar problems a few years ago.
They were caused by running kssl with
an openssl version different from that
used for compiling kssl.
I check 'security issue' because ssl is a key
security component. Malfunction is dangerous.
- L. B.
| Kees Cook (kees) wrote | #1 |
| leonbottou (leon-bottou) wrote Re: [Bug 44311] Re: KSSL problems | #2 |
| Kees Cook (kees) wrote | #3 |
| leonbottou (leon-bottou) wrote | #4 |
| Changed in kdelibs: | |
| status: | Unconfirmed → Needs Info |
| Rich Johnson (nixternal) wrote | #5 |
| Changed in kdelibs: | |
| status: | Needs Info → Fix Released |
| leonbottou (leon-bottou) wrote | #6 |
I cannot reproduce this. From the main page, I see RC4-MD5, and for login pages, I see AES256-SHA, and it doesn't tell me I'm missing 128bit. Do you still see this problem with Dapper?