Results 1 to 13 of 13
  1.    #1  
    Perhaps some of you heard of the bug that is affecting secure communication on many servers, mobile phones routers, smartTVs...

    Running OpenSSL? Patch NOW to fix critical bug • The Register

    Heartbleed Bug

    Der GAU für Verschlüsselung im Web: Horror-Bug in OpenSSL | heise online

    It seems at least webOS <= 2.2.4 is not affected as it report version 0.9.8k Mar 2009

    Can't test "openssl version" on Touchpad right now.
  2. #2  
    Thread title fixed per OP request.
  3. #3  
    The 0.9.8k is giving me problems though. At least one site I know I get the bloody 2035 SSL browser error.
    Palm IIIc -> Sony CLIÉ T650C -> Sony TJ-37 -> Palm TX -> Palm Centro -> Palm Pre Bell -> Palm Pre Plus Bell/Verizon Hybrid -> HP Veer -> HP Pre 3 NA -> BlackBerry Classic -> BlackBerry Priv

    It's a Late Goodbye, such a Late Goodbye.

    Need OEM Palm Pre parts? See here
  4. #4  
    Hi, my touchpad 4g also gives version 0.9.8k. So no problem

    i gave the command openssl version in wterm. Do i get the right version? I also installed webosinternals openssl (optware)...
    Last edited by poehoes; 04/08/2014 at 03:13 PM. Reason: additional remark
  5.    #5  
    the login site for profile settings seems to be secured of heartbleed.
    https://www.ssllabs.com/ssltest/anal...=ps.palmws.com

    Does anyone know if profile backup servers are/were affected?
    Should we change passwords?
  6. #6  
    This definitely breaks IMAP or POP for some email clients. See: ""Requested encryption not supported by server"
  7.    #7  
    So i checked all URLs here: Palm Profile Interactions - WebOS Internals
    with a local heartbleed checker and they all were scanned negative (= good) at least now.

    Let's hope their server infrastructure is so old they were never affected by it.
  8. hulickr's Avatar
    Posts
    65 Posts
    Global Posts
    74 Global Posts
    #8  
    Quote Originally Posted by gizmo21 View Post
    So i checked all URLs here: Palm Profile Interactions - WebOS Internals
    with a local heartbleed checker and they all were scanned negative (= good) at least now.

    Let's hope their server infrastructure is so old they were never affected by it.
    See... Another great reason to adopt webOS now! It's more secure than all them newfangled poser OS's . Another great reason to appreciate our fine choice of platforms

    </humor>
    Roy

    Pre3 is here !! Loving it
    Sprint FrankenPre2 - Touchpad - Homebrew galore
    History: Treo 300, Treo 600, Treo 650, Palm Pre
  9. thg
    thg is offline
    thg's Avatar
    Posts
    238 Posts
    Global Posts
    261 Global Posts
    #9  
    Quote Originally Posted by freebirds View Post
    This definitely breaks IMAP or POP for some email clients. See: ""Requested encryption not supported by server"
    the IMAP/SMTP encryption is BROKEN since some days (probably after the 22.04.) with the German hosting-provider "Strato.de", on both of my Pre's and my TP I'm not able to receive/send any e-mails using my provider anymore.

    It is working if I DISable the SSL-encryption, but this is no way at all :-(

    Any solution for this?

    Thanks a lot,
  10. #10  
    Quote Originally Posted by thg View Post
    the IMAP/SMTP encryption is BROKEN since some days (probably after the 22.04.) with the German hosting-provider "Strato.de", on both of my Pre's and my TP I'm not able to receive/send any e-mails using my provider anymore.

    It is working if I DISable the SSL-encryption, but this is no way at all :-(

    Any solution for this?

    Thanks a lot,
    Can you try to collect some logs with lumberjack? Perhaps they updated their SSL certs and are using a trusted CA that isn't recognized.

    -- Sent from my Palm Pre using Forums
  11. thg
    thg is offline
    thg's Avatar
    Posts
    238 Posts
    Global Posts
    261 Global Posts
    #11  
    Quote Originally Posted by Grabber5.0 View Post
    Can you try to collect some logs with lumberjack? Perhaps they updated their SSL certs and are using a trusted CA that isn't recognized.
    thanks for the suggestion and unfortunately you are right:

    Code:
    2014-04-26T21:16:04.088317Z [3014] webos-device user.warning activitymanager[1665]: [activitymanager.activitymanager] [Activity 1129] evicted from run queue on release
    2014-04-26T21:16:04.112609Z [3014] webos-device user.info keymanager[1196]: [keymanager] fetchKey request received.
    2014-04-26T21:16:04.112854Z [3014] webos-device user.info keymanager[1196]: [keymanager] fetchKey ++xxxxxxxxxxx request for com.palm.service.accounts
    2014-04-26T21:16:04.112945Z [3014] webos-device user.info keymanager[1196]: [keymanager] fetchKey ++xxxxxxxxxxx succeeded.
    2014-04-26T21:16:04.123107Z [3014] webos-device user.warning activitymanager[1665]: [activitymanager.activitymanager] [Activity 1130] evicted from run queue on release
    2014-04-26T21:16:04.522369Z [3014] webos-device kern.alert kernel: [ 3014.840000] WLAN device IP address is 0xxxxxxx
    2014-04-26T21:16:04.638732Z [3014] webos-device user.err mojomail-imap[10827]: {libpalmsocket}: crypto_resolve_peer_cert_error (fsm=0x14e8d8): ERROR: kPmSockCertVerifyOpt_fallbackToInstalledLeaf: unable to supress cert verification error
    2014-04-26T21:16:04.640625Z [3014] webos-device user.err mojomail-imap[10827]: {libpalmsocket}: crypto_resolve_peer_cert_error (fsm=0x14e8d8): LEAVING: preverify_ok=0, PslError=23 (Certificate verification failed), X509_V_ERR_=7 (certificate signature failure)
    2014-04-26T21:16:04.645294Z [3014] webos-device user.err mojomail-imap[10827]: {libpalmsocket}: psl_err_process_and_purge_openssl_err_stack (client=0x14e8d8): ERROR from openssl error-stack (raw) 218910881 (0xd0c50a1); lib=13, func=197, reason=161 (error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm)
    2014-04-26T21:16:04.646606Z [3014] webos-device user.err mojomail-imap[10827]: {libpalmsocket}: psl_err_process_and_purge_openssl_err_stack (client=0x14e8d8): ERROR from openssl error-stack (raw) 336134278 (0x14090086); lib=20, func=144, reason=134 (error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed)
    2014-04-26T21:16:04.743072Z [3015] webos-device user.warning activitymanager[1665]: [activitymanager.activitymanager] [Activity 1128] evicted from run queue on release
    2014-04-26T21:16:04.763092Z [3015] webos-device user.warning activitymanager[1665]: [activitymanager.activitymanager] [Activity 1128] evicted from run queue on release
    2014-04-26T21:16:04.763366Z [3015] webos-device user.warning activitymanager[1665]: [activitymanager.activitymanager] [Activity 1128] Not found in Activity table while attempting to release
    2014-04-26T21:16:04.948913Z [3015] webos-device user.warning activitymanager[1665]: [activitymanager.activitymanager] [Activity 1131] evicted from run queue on release
    2014-04-26T21:16:05.025115Z [3015] webos-device user.err mojomail-imap[10827]: {libpalmsocket}: crypto_resolve_peer_cert_error (fsm=0x152d18): ERROR: kPmSockCertVerifyOpt_fallbackToInstalledLeaf: unable to supress cert verification error
    2014-04-26T21:16:05.025390Z [3015] webos-device user.err mojomail-imap[10827]: {libpalmsocket}: crypto_resolve_peer_cert_error (fsm=0x152d18): LEAVING: preverify_ok=0, PslError=23 (Certificate verification failed), X509_V_ERR_=7 (certificate signature failure)
    2014-04-26T21:16:05.025482Z [3015] webos-device user.err mojomail-imap[10827]: {libpalmsocket}: psl_err_process_and_purge_openssl_err_stack (client=0x152d18): ERROR from openssl error-stack (raw) 218910881 (0xd0c50a1); lib=13, func=197, reason=161 (error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm)
    2014-04-26T21:16:05.025573Z [3015] webos-device user.err mojomail-imap[10827]: {libpalmsocket}: psl_err_process_and_purge_openssl_err_stack (client=0x152d18): ERROR from openssl error-stack (raw) 336134278 (0x14090086); lib=20, func=144, reason=134 (error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed)
    2014-04-26T21:16:05.026153Z [3015] webos-device user.warning activitymanager[1665]: [activitymanager.activitymanager] [Activity 1133] evicted from run queue on release
    2014-04-26T21:16:05.052581Z [3015] webos-device user.warning activitymanager[1665]: [activitymanager.activitymanager] [Activity 1133] evicted from run queue on release
    2014-04-26T21:16:05.052856Z [3015] webos-device user.warning activitymanager[1665]: [activitymanager.activitymanager] [Activity 1133] Not found in Activity table while attempting to release
    2014-04-26T21:16:05.085632Z [3015] webos-device user.warning activitymanager[1665]: [activitymanager.activitymanager] [Activity 1134] evicted from run queue on release
    But how can I solve this, how can I install the new certificates and how can I delete the old ones?

    And it seems, that I have the same error on my TP with Google-mail :-(
  12.    #12  
    perhaps this issue should go to a new topic, it has nothing to do with heartbleed
  13. thg
    thg is offline
    thg's Avatar
    Posts
    238 Posts
    Global Posts
    261 Global Posts
    #13  
    Quote Originally Posted by gizmo21 View Post
    perhaps this issue should go to a new topic, it has nothing to do with heartbleed
    probably, but I posted it here, because I'm quite sure, that it is "heartbleed-related", seems that Strato.de changed their certificates mid of April so that the error occured.

    For the solution I finally used this: How To Verify SSL Certificate From A Shell Prompt

    And in German: SSL-verschlüsselte E-Mail mit Strato.de geht nicht mehr - Verbindungen - Nexave Smartphone- und Tablet-Forum

Similar Threads

  1. OpenSSL Compile
    By theinnkeeper in forum webOS Development
    Replies: 2
    Last Post: 09/27/2011, 11:17 AM
  2. Linking with other libraries(OpenSSL) in scratchbox
    By centrist in forum webOS Development
    Replies: 0
    Last Post: 02/21/2010, 06:58 AM
  3. email client and self-signed openssl certificate?
    By sf_basilix in forum Palm Pre and Pre Plus
    Replies: 8
    Last Post: 02/19/2010, 03:27 PM
  4. OpenSSL updates.. and updates.. and updates
    By errade in forum webOS Development
    Replies: 2
    Last Post: 12/31/2009, 09:15 AM
  5. Replies: 9
    Last Post: 06/15/2009, 07:45 PM

Posting Permissions