Subject: Re: [Courier-imap] SSL problem on DEC OSF/1
From: "Gábor Bérczi (Gabucino)" (gab@berczi.be)
Date: Apr 25, 2007 12:11:43 am
List: net.sourceforge.lists.courier-imap

Confirmed, and fixed. starttls.c doesn't check if randomness is available, and neither does it seed it when it isn't.

This is a bug in courier-imap!

The attached dirty patch makes starttls work on Digital UNIX 4.0 (Tru64 4.0) amongst others.

OK, I didn't write "set -a" into my initscript.

Next:

Apr 24 19:16:41 gabucino imapd: couriertls: connect: error: 140B544E:SSL routines:SSL_GET_NEW_SESSION:ssl session id callback failed

I think couriertcpd doesn't seed the random generator on systems which don't have urandom. :(

On 2007.04.24., at 17:08, Gábor Bérczi (Gabucino) wrote:

Yo.

I compiled courier-authlib with DEC C compiler, works fine. I compiled courier-imap with gcc, which also works fine. Had to link a custom snprintf.o for each of the libs and binaries, because OSF1 libc lacks snprintf+vsnprintf.

courier works fine on port 143, but SSL does not. I used the exact same imapd-ssl config file that works elsewhere, but I had no success. Trying to connect to port imaps with any client (Apple Mail, mutt) results in the same log entry:

Apr 24 16:51:40 gabucino imapd: couriertls: connect: error: 1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

The server's cmdline:

/usr/local/sbin/courierlogger -pid=/var/run/imapd-ssl.pid -name=imapd -start /usr/local/libexec/couriertcpd -address=0 -maxprocs=40 -maxperip=50 -nodnslookup -noidentlookup 993 /usr/local/bin/couriertls -server -tcpd /usr/local/sbin/imaplogin /usr/local/bin/imapd Maildir

imapd-ssl:

SSLPORT=993
SSLADDRESS=0
SSLPIDFILE=/var/run/imapd-ssl.pid
SSLLOGGEROPTS="-name=imapd-ssl"
IMAPDSSLSTART=NO
IMAPDSTARTTLS=YES
IMAP_TLS_REQUIRED=0
COURIERTLS=/usr/local/bin/couriertls
TLS_PROTOCOL=SSL3
TLS_STARTTLS_PROTOCOL=TLS1
TLS_CERTFILE=/etc/ssl/server.pem
TLS_VERIFYPEER=NONE
MAILDIRPATH=Maildir

What is the problem?
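
An added triage example, not part of the original message or of Courier's code: it parses the two couriertls log lines quoted in this thread, unpacks the packed OpenSSL error code (the 8/12/12-bit library/function/reason layout used by OpenSSL before 3.0), and attaches the cause the poster reported for each symptom. The names `triage`, `unpack_code` and `HINTS` are illustrative.

```python
import re

# Constructed sample: the two couriertls log lines quoted in this thread.
SAMPLE_LOG = """\
Apr 24 16:51:40 gabucino imapd: couriertls: connect: error: 1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
Apr 24 19:16:41 gabucino imapd: couriertls: connect: error: 140B544E:SSL routines:SSL_GET_NEW_SESSION:ssl session id callback failed
"""

# couriertls appends the OpenSSL error string: code:library:function:reason
LINE_RE = re.compile(
    r"couriertls: \w+: error: (?P<code>[0-9A-Fa-f]{8}):"
    r"(?P<lib>[^:]*):(?P<func>[^:]*):(?P<reason>.*)$"
)

# Hints restate what the poster reported for each symptom in this thread;
# this is not a general OpenSSL error reference.
HINTS = {
    "wrong version number":
        "check that imapd-ssl settings reach couriertls "
        "(poster had omitted 'set -a' in the init script)",
    "ssl session id callback failed":
        "check that the OpenSSL PRNG is seeded (host had no urandom device)",
}

def unpack_code(code_hex):
    """Split a packed pre-3.0 OpenSSL error code into (lib, func, reason)."""
    code = int(code_hex, 16)
    return (code >> 24) & 0xFF, (code >> 12) & 0xFFF, code & 0xFFF

def triage(log_text):
    """Return one finding per couriertls TLS error line; skip other lines."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        lib, func, reason = unpack_code(m["code"])
        text = m["reason"].strip()
        findings.append({
            "code": m["code"].upper(), "lib": lib, "func": func,
            "reason": reason, "function": m["func"], "text": text,
            "hint": HINTS.get(text, "no hint from this thread"),
        })
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f['code']} lib={f['lib']} func={f['func']} "
              f"reason={f['reason']} {f['function']}: {f['hint']}")
```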