

Hi,

Can anybody explain to me why (at least on an iPad), when using
LibreOffice Online, the browser makes HTTPS connections with
_different_ sets of supported crypto to the loolwsd daemon? Why don't
they all feature the same set of crypto support, and how can I address
that?

In exchange for the explanation, I'll at least try to make a patch
that addresses that (at least by widening the crypto support where it
is more limited, if it is not possible to equalise it everywhere).

Long version:

When using LibreOffice Online (more exactly, Collabora Office
Development Edition) on an iPad, be it through the Safari browser or
in the Nextcloud app, it makes multiple HTTP/TLS/TCP connections to
the loolwsd daemon.

So far, so good. But some of these connections have wider crypto
(ciphers and elliptic curve groups) support than others, which was
very surprising to me. I discovered it because my loolwsd is
patched to tighten crypto support to "I want PFS (perfect forward
secrecy), and I want elliptic curves recommended by
https://safecurves.cr.yp.to/", which excludes the NIST (NSA-chosen)
curves, so some connections are actually refused by my server. The
user-visible behaviour is that the UI loads (menus, etc.) but the
actual document stays blank.

Some of the connections support only TLSv1.2, a set of 22 cipher
suites and secp256r1, secp384r1 and secp521r1 (which are then refused
by my server). Others additionally support TLSv1.3, a set of 26 cipher
suites (among which TLS_AES_*_GCM_SHA* and
TLS_CHACHA20_POLY1305_SHA256) and the x25519 curve, and successfully
connect to my server.

I looked a bit in the source code, and I found in loleaflet what looks
like a pure JavaScript implementation of ECDH (supporting only the
NIST/NSA curves...), which suggests that some connections are made
with the whole TLS layer implemented in JavaScript (instead of using
the platform TLS libraries and the browser's native support for TLS?),
and others through the browser's / platform's native TLS support?

But what I don't understand is:

 - Why this difference? Why not use the native TLS for everything?

 - If some connections use a JavaScript implementation of TLS, why
   does it give a different result on an iPad than on a GNU/Linux or
   Microsoft Windows machine? If it is all JavaScript, they should all
   give the same result on all platforms! Why does LibreOffice Online
   work from these other OSes with the same server?

Thanks in advance,

Lionel
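The diagnosis Lionel describes (two clients offering different cipher-suite and curve lists, one of which a PFS-and-safecurves-only server refuses) can be reproduced offline from the ClientHello alone. The following is an added example, not part of the mailing-list post and not code from LibreOffice Online, Collabora or loolwsd: it builds two constructed ClientHello records modelled on the "narrow" (TLS 1.2, secp256r1/384r1/521r1 only) and "wide" (TLS 1.3, x25519 first) behaviours in the post, parses the offered versions, cipher suites and supported_groups, and checks each against a server policy assumed to mirror the post's patched loolwsd (forward-secret suites, x25519/x448 only). The cipher-suite and group name tables are a constructed subset of the IANA registries.

```python
import struct

# Small, constructed subset of IANA cipher-suite and named-group code points
# (assumption: enough to label the suites and curves mentioned in the thread).
CIPHER_NAMES = {
    0x1301: "TLS_AES_128_GCM_SHA256",
    0x1302: "TLS_AES_256_GCM_SHA384",
    0x1303: "TLS_CHACHA20_POLY1305_SHA256",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",  # static RSA key exchange: no PFS
}
GROUP_NAMES = {0x0017: "secp256r1", 0x0018: "secp384r1", 0x0019: "secp521r1",
               0x001D: "x25519", 0x001E: "x448"}
EXT_SUPPORTED_GROUPS, EXT_SUPPORTED_VERSIONS = 10, 43
# Policy mirrored from the post: forward secrecy plus non-NIST curves only
# (assumption: the strict server accepts exactly these groups).
ACCEPTED_GROUPS = {0x001D, 0x001E}


def build_client_hello(cipher_suites, groups, supported_versions=None):
    """Assemble a minimal TLS record carrying a ClientHello (constructed test input)."""
    body = b"\x03\x03" + b"\x00" * 32 + b"\x00"  # legacy_version, random, empty session id
    body += struct.pack(">H", 2 * len(cipher_suites))
    body += b"".join(struct.pack(">H", c) for c in cipher_suites)
    body += b"\x01\x00"  # one compression method: null
    groups_ext = struct.pack(">H", 2 * len(groups)) + b"".join(struct.pack(">H", g) for g in groups)
    exts = struct.pack(">HH", EXT_SUPPORTED_GROUPS, len(groups_ext)) + groups_ext
    if supported_versions:
        sv = bytes([2 * len(supported_versions)]) + b"".join(struct.pack(">H", v) for v in supported_versions)
        exts += struct.pack(">HH", EXT_SUPPORTED_VERSIONS, len(sv)) + sv
    body += struct.pack(">H", len(exts)) + exts
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack(">H", len(handshake)) + handshake


def parse_client_hello(record):
    """Extract offered versions, cipher suites and key-exchange groups from a ClientHello record."""
    if record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a ClientHello handshake record")
    hs_len = int.from_bytes(record[6:9], "big")
    body = record[9:9 + hs_len]
    pos = 0
    legacy_version = struct.unpack(">H", body[pos:pos + 2])[0]
    pos += 2 + 32  # skip random
    pos += 1 + body[pos]  # skip session id
    cs_len = struct.unpack(">H", body[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack(">H", body[pos + i:pos + i + 2])[0] for i in range(0, cs_len, 2)]
    pos += cs_len
    pos += 1 + body[pos]  # skip compression methods
    groups, versions = [], []
    if pos + 2 <= len(body):  # extensions block is optional in TLS 1.2
        end = pos + 2 + struct.unpack(">H", body[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= end:
            etype, elen = struct.unpack(">HH", body[pos:pos + 4])
            data = body[pos + 4:pos + 4 + elen]
            pos += 4 + elen
            if etype == EXT_SUPPORTED_GROUPS:
                n = struct.unpack(">H", data[:2])[0]
                groups = [struct.unpack(">H", data[2 + i:4 + i])[0] for i in range(0, n, 2)]
            elif etype == EXT_SUPPORTED_VERSIONS:
                versions = [struct.unpack(">H", data[1 + i:3 + i])[0] for i in range(0, data[0], 2)]
    return {"versions": versions or [legacy_version], "cipher_suites": suites, "groups": groups}


def is_forward_secret(code):
    """TLS 1.3 suites always use (EC)DHE; for TLS 1.2 suites look for DHE/ECDHE in the name."""
    return code in (0x1301, 0x1302, 0x1303) or "DHE" in CIPHER_NAMES.get(code, "")


def strict_server_accepts(hello):
    """Return (accepted, reasons) for the PFS-and-safe-curves policy described in the post."""
    reasons = []
    if not any(is_forward_secret(c) for c in hello["cipher_suites"]):
        reasons.append("no forward-secret cipher suite offered")
    if not ACCEPTED_GROUPS.intersection(hello["groups"]):
        offered = ", ".join(GROUP_NAMES.get(g, hex(g)) for g in hello["groups"])
        reasons.append(f"no accepted key-exchange group offered (got: {offered})")
    return (not reasons, reasons)


# Constructed samples modelled on the two client behaviours in the post.
NARROW_HELLO = build_client_hello([0xC02F, 0xC030, 0x009C], [0x0017, 0x0018, 0x0019])
WIDE_HELLO = build_client_hello([0x1301, 0x1302, 0x1303, 0xC02F, 0xC030],
                                [0x001D, 0x0017, 0x0018], supported_versions=[0x0304, 0x0303])

if __name__ == "__main__":
    for label, raw in (("narrow client", NARROW_HELLO), ("wide client", WIDE_HELLO)):
        hello = parse_client_hello(raw)
        ok, reasons = strict_server_accepts(hello)
        print(label, "versions", [hex(v) for v in hello["versions"]],
              "groups", [GROUP_NAMES.get(g, hex(g)) for g in hello["groups"]],
              "accepted" if ok else "refused: " + "; ".join(reasons))
```

Fed the first record of a captured connection instead of the constructed samples, `parse_client_hello` shows which of the two client stacks produced it; the narrow client is refused solely because no accepted group is offered, which matches the blank-document symptom in the post where the handshake fails before any data is sent.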
