undefined | Better HN

0 pointsnoinsight10y ago0 comments

I wouldn't hold my breath. The iOS Mail app can not negotiate any TLS version above 1.0 (for IMAP, possibly SMTP too) even though it obviously supports TLS 1.2 because it sends a TLS version of 1.0 in the ClientHello message even though that same message will contain TLS 1.2 ciphers (AES-GCM).

I reported it in October and Apple's security team replied they're aware of it but it's still not fixed 2 releases later even though they probably need to fix like 1 line of code (the advertised version flag).

0 comments

chris_wot10y ago

They have actually fixed it - if you get bit with it then you can reference rdar://problem/22242515

The WebKit bug is here:

https://bugs.webkit.org/show_bug.cgi?format=multiple&id=1528...

The patch to fix it is here:

https://bugs.webkit.org/attachment.cgi?id=268394&action=diff

The workaround, FWIW (thanks Simon!) is to add shrink-to-fit=no” to the meta viewport tag.

For me, it was too much effort to get OpenGrok fixed, so I just did a rewrite rule in Charles Proxy that gets rid of the style attribute.

j / k navigate · click thread line to collapse