Hi,

Can anybody explain to me why (at least on an iPad) when using LibreOffice Online, the browser makes HTTPS connections with _different_ sets of supported crypto to the loolwsd daemon? Why don't they all feature the same set of crypto support, and how can I address that? In exchange for the explanation, I'll at least try to make a patch that addresses that (at least by widening the crypto support where it is more limited, if it is not possible to equalise it everywhere).

Long version:

When using LibreOffice Online (very exactly, Collabora Office Development Edition) on an iPad, be it through the Safari browser or in the Nextcloud app, it makes multiple HTTP/TLS/TCP connections to the loolwsd daemon. So far, so good. But some of these connections have wider crypto (ciphers and elliptic curve groups) support than others. Which was very surprising to me. And which I discovered because my loolwsd is patched to tighten crypto support to "I want PFS (perfect forward secrecy), and I want elliptic curves recommended by https://safecurves.cr.yp.to/", which excludes the NIST (NSA chosen) curves, so some connections are actually refused by my server. The user-visible behaviour is that the UI loads (menus, etc.) but the actual document stays blank.

Some of the connections support only TLSv1.2, a set of 22 cipher suites and secp256r1, secp384r1 and secp521r1 (which are then refused by my server). Others additionally support TLSv1.3, a set of 26 cipher suites (among which TLS_AES_*_GCM_SHA* and TLS_CHACHA20_POLY1305_SHA256) and the x25519 curve, and successfully connect to my server.

I looked a bit in the source code, and I found in loleaflet what looks like a pure JavaScript implementation of ECDH (supporting only the NIST/NSA curves...), which suggests that some connections are made with the whole TLS layer implemented in JavaScript (instead of using the platform TLS libraries and the browser's native support for TLS?), and others through the browser / platform native support of TLS? But what I don't understand is:

- Why this difference, why not use the native TLS for everything?
- If some connections use a JavaScript implementation of TLS, why does it give a different result on an iPad than on a GNU/Linux or Microsoft Windows machine? If it is all JavaScript, they should all give the same result on all platforms! Why does LibreOffice Online work from these other OSes with the same server?

Thanks in advance,

Lionel
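
Added example, not part of the original message and not LibreOffice Online code: a small parser that reads the `supported_groups` and `supported_versions` extensions out of a ClientHello and reports which offered groups a curve-restricted server would accept, which is the comparison behind the refused connections described above. `SERVER_ALLOWED`, `build_client_hello` and the two sample messages are assumptions constructed for the demonstration, not captures from an iPad.

```python
import struct

# IANA code points for the groups and versions named in the post.
GROUPS = {0x0017: "secp256r1", 0x0018: "secp384r1", 0x0019: "secp521r1", 0x001D: "x25519"}
VERSIONS = {0x0303: "TLSv1.2", 0x0304: "TLSv1.3"}
SERVER_ALLOWED = {"x25519"}  # assumption: stands in for the patched server's curve policy

def _u16s(data):  # split bytes into big-endian 16-bit integers
    return [int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data) - 1, 2)]

def parse_client_hello(msg):
    """Return (groups, versions) offered by a ClientHello handshake message (no record header)."""
    if len(msg) < 4 or msg[0] != 1:
        raise ValueError("not a ClientHello")
    body = msg[4:4 + int.from_bytes(msg[1:4], "big")]
    try:
        pos = 34                                              # legacy_version + random
        pos += 1 + body[pos]                                  # session_id
        pos += 2 + int.from_bytes(body[pos:pos + 2], "big")   # cipher_suites
        pos += 1 + body[pos]                                  # compression_methods
    except IndexError:
        raise ValueError("truncated ClientHello") from None
    groups, versions = [], _u16s(body[0:2])  # no supported_versions: legacy_version is the maximum
    end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
    pos += 2
    while pos + 4 <= min(end, len(body)):
        etype, elen = struct.unpack("!HH", body[pos:pos + 4])
        data = body[pos + 4:pos + 4 + elen]
        if etype == 10:                      # supported_groups: 2-byte list length
            groups = _u16s(data[2:])
        elif etype == 43:                    # supported_versions: 1-byte list length
            versions = _u16s(data[1:])
        pos += 4 + elen
    return [GROUPS.get(g, hex(g)) for g in groups], [VERSIONS.get(v, hex(v)) for v in versions]

def shared_groups(msg, allowed=SERVER_ALLOWED):
    """Groups the client offers that the server policy accepts; empty means no key exchange."""
    return [g for g in parse_client_hello(msg)[0] if g in allowed]

def build_client_hello(groups, versions=()):
    """Constructed sample ClientHello (not a capture) offering the given code points."""
    pack = lambda vals: b"".join(struct.pack("!H", v) for v in vals)
    ext = struct.pack("!HHH", 10, 2 + 2 * len(groups), 2 * len(groups)) + pack(groups)
    if versions:
        ext += struct.pack("!HHB", 43, 1 + 2 * len(versions), 2 * len(versions)) + pack(versions)
    body = (b"\x03\x03" + bytes(32) + b"\x00" + struct.pack("!HH", 2, 0xC02F)
            + b"\x01\x00" + struct.pack("!H", len(ext)) + ext)
    return b"\x01" + len(body).to_bytes(3, "big") + body
NARROW = build_client_hello([0x17, 0x18, 0x19])                        # TLSv1.2, NIST curves only
WIDE = build_client_hello([0x1D, 0x17, 0x18, 0x19], [0x0304, 0x0303])  # also TLSv1.3 and x25519
```

Feeding it the handshake bytes of each connection from a packet capture (record header stripped) shows which connection offers the narrower set.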