Commit message (Collapse) | Author | Files | Lines | ||
---|---|---|---|---|---|
2015-04-25 | fixed #1039 | Daniel Gultsch | 1 | -0/+3 | |
2015-03-07 | disable all really weak cipher suites | Boris Wachtmeister | 1 | -0/+16 | |
With #959 all ciphers of the platform were enabled, but this also includes several suites that are considered as very weak, even down to NULL- and anon-ciphers which disable completely disable encryption and/or authentication. Especially the anon-ciphers could be easily used for a mitm-attack. To remove all weak ciphers a blacklist with patterns of cipher-names was added to Config.java. The blacklist is based on the "mandatory discards" that Mozilla suggests to not use for TLS-servers because they are weak or known to be broken. https://wiki.mozilla.org/Security/Server_Side_TLS#Mandatory_discards | |||||
2015-02-02 | Use platform ciphers as well, just prefer ours | Sam Whited | 1 | -5/+7 | |
2015-02-02 | don't disable any ciphers | iNPUTmice | 1 | -3/+4 | |
2015-01-14 | Harden the TLS connection cipher suites | Sam Whited | 1 | -5/+16 | |
2014-11-15 | Don't escape passwords in SASL | Sam Whited | 1 | -1/+1 | |
Fixes #671 | |||||
2014-11-16 | parse otr-fingerprint in qr codes and nfc. include otr fingerprint in ↵ | iNPUTmice | 1 | -0/+9 | |
shareable uri where ever possible | |||||
2014-11-15 | Cache SCRAM-SHA-1 keys for current session | Sam Whited | 1 | -0/+4 | |
2014-11-14 | Add SCRAM-SHA1 support | Sam Whited | 1 | -2/+29 | |
Factor out GS2 tokanization into own class Add authentication exception class Fixes #71 | |||||
2014-11-12 | Refactor authentication code | Sam Whited | 1 | -59/+1 | |
2014-10-22 | Make conversations the root project | Sam Whited | 1 | -0/+0 | |