Fix tls issue with time synchronization #145
Comments
|
Related to this, out of my list of 9 or so time correction server URLs that are stored in the Clock Sync tab menu for my KeeTrayTOTP 0.107 (using Keepass 2.4.5), it is random but I will see usually one or two of the nine total Server URLs showing failure error state in the Clock Sync tab menu. If I manually click refresh in the Time Correction List area it normally clears those error states up. The settings are default in the Clock Sync tab menu, I have only had the plugin installed for 24 hours now. It does seem to be random as to which servers show the failure, they are all public servers and the connection should be good to them from this system I use (although it is often on a corporate VPN most of the day). It seems to clear up instantly when I click "Refresh Time Corrections" button manually in the Clock Sync tab in the plugin. I don't know if the time correction server is in the error state if it truly affects being able to utilize the current generated TOTP code on the website in question that I need to log in that matches the entry in KP. I have not seen that to be an issue yet, but definitely the error does occur randomly for some URLs, normally no more than two at a time and it seems quite random which will have the error state displayed:
My Time Correction Server list includes these URL entries and a couple others: https://github.com/login Today so far when going back in the Tray TOTP Plugin menu Settings > Clock Sync tab it has not shown any server URLs with error / failed state yet, but yesterday after installing the plugin for the first time and performing setup of it, adding clock sync URLs, creating TOTP entries, if I went back in to Clock Sync tab to see the list of servers it would show error failed state on 1 or 2 of the total amount of servers there (9 total servers maximum in the list) and clicking refresh would solve that temporarily, then 30 mins later I would go back in to look and it would show an error on another server different from the others, for error / failed state. |
Some https:// url's cannot be loaded, because they use Tls1.2 which is not always enabled.
This could be solved like this, but we need to make sure that the constant is always available as users compile the plugin themselves, and the Tls12 constant not being there would break that.
Edit:
There seems to be some code in KeePass which enables tls1.1/tls1.2 on the ServicePointManager, but that code might not be hit at all times. It also depends under which version of the .NET framework Keepass runs.
The text was updated successfully, but these errors were encountered: