TLS v1.3 support of clients?

Hi all,

since TLS 1.3 has been finalized and approved and Chrome and Firefox already support it. What is the status of tls 1.3 support in the seafile desktop and mobile clients?

2 Likes

Any news on this?

4 Likes

It’s been two years now…and still no TLSv1.3 support?

I’ve just set up my new seafile server today and the desktop client threw a “ssl handshake error”. After 1 hour of debugging i stumbled across the tls settings…

Adding TLS 1.2 support to nginx solved the issue.

Please add TLS1.3 support to seafile!

1 Like

Looking at Nextcloud QT seems to support it meanwhile.

“we’ve just released 2.6.1 RC1 which is built with Qt 5.12.5 and OpenSSL 1.1.1d on all platforms, so it features TLS 1.3 :-)” – https://github.com/nextcloud/desktop/issues/1419#issuecomment-544019354

since another year has passed…

@daniel.pan any news / plans to support TLSv1.3?

3 Likes

This is starting to be a serious issue, TLSv1.2 has serious security flaws by now. Please fix this asap.

3 Likes

Reference here.

@Jonathan When can we expect 1.3 to be included into sync and drive client?

Search for China and TLS 1.3 in Google. I am not so sure if this gets implemented :wink:

1 Like

This would be really bad news for the long term security of seafile. I guess it is finally time to look for an alternative that has basic search capabilities and supports TLS 1.3 (and future versions). As much as a like seafile and appreciate all the work the team has done, missing tls 1.3+ support is a deal breaker…

You realize that the clients discussed in this thread are open source? ALL of them!

https://download.seafile.com/published/seafile-manual/home.md

To be honest, I would also find a statement of the developers interesting. TLS 1.3 with ESNI provides such a high value for privacy that it is almost completely blocked by the chinese national censorship tool, also known as the Great Firewall (GFW), see: https://www.zdnet.com/article/china-is-now-blocking-all-encrypted-https-traffic-using-tls-1-3-and-esni/. Therefore, it may also play a limited role in software development in China. But for the rest of the world it would certainly be a great improvement.

@daniel.pan @Jonathan Please provide us with a statement regarding TLS 1.3 implementation in sync and drive client.
Not commenting on this at all since 2018 raises questions in the community as you can see. Thanks in advance for implementing this soon.

@rdb Even if someone from the community would implement this, the chances of the code to be merged are low since (sadly) even the manual was closed for public community input and even back then it took sometimes month for a merge request to be noticed. This shouldn’t be an issue to implement in the clients and it is long overdue.

1 Like

The clients use Qt and libcurl.

Current status of clients on platforms:

sync client:

  • Windows: not compatible to TLS 1.3. The build environment needs to be updated to newer version of Qt and libcurl. We’ll work on it before the end of this year. It’ll take some time since we need to migrate from Mingw to Visual Studio.
  • macOS: need to upgrade Qt version. This will be done in the next version.
  • Linux: use latest OS and libraries.

SeaDrive client:

  • Windows: 2.0 is compatible with TLS 1.3
  • macOS: need to upgrade Qt version. This will be done in the next version.
  • Linux: use latest OS and libraries.
5 Likes

Seafile Sync Client 8.0 now supports TLS 1.3: Seafile sync client 8.0.0 (beta) is released!