7 messages in ru.sysoev.nginx: Re: IMAP/SSL issue.
Subject: Re: IMAP/SSL issue.
From: Igor Sysoev (is-G@public.gmane.org)
Date: Jul 29, 2008 2:00:29 am
List: ru.sysoev.nginx
Attachments: patch.ssl.solaris - 0.4k

On Tue, Jul 29, 2008 at 12:16:29AM -0400, Bryan Allen wrote:

> I'm trying to get the IMAP/SSL module working and running into an odd issue. Plaintext connections work just fine, but SSL connections don't seem to contact the auth daemon.
>
> # imtest -p 143 -a $USER -m login localhost
> S: * OK IMAP4 ready
> C: C01 CAPABILITY
> S: * CAPABILITY IMAP4rev1 UIDPLUS SORT AUTH=PLAIN
> S: C01 OK completed
> Please enter your password:
> C: L01 LOGIN $USER {8}
> S: + OK
> C: <omitted>
> S: L01 OK User logged in
> Authenticated.
> Security strength factor: 0
>
> # imtest -s -p 993 -a $USER -m login localhost
> verify error:num=20:unable to get local issuer certificate
> verify error:num=27:certificate not trusted
> verify error:num=21:unable to verify the first certificate
> TLS connection established: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
> S: * OK IMAP4 ready
> C: C01 CAPABILITY
> failure: prot layer failure
>
> 2008/07/28 20:14:52 [notice] 422#0: using the "/dev/poll" event method
> 2008/07/28 20:14:52 [notice] 422#0: nginx/0.7.6
> 2008/07/28 20:14:52 [notice] 422#0: built by gcc 3.4.3 (csl-sol210-3_4-branch+sol_rpath)
> 2008/07/28 20:14:52 [notice] 422#0: OS: SunOS 5.10
> 2008/07/28 20:14:52 [notice] 422#0: version: Generic_127112-03
> 2008/07/28 20:14:52 [notice] 422#0: getrlimit(RLIMIT_NOFILE): 1024:1024
> 2008/07/28 20:14:52 [notice] 422#0: start worker processes
> 2008/07/28 20:14:52 [notice] 422#0: start worker process 423
> 2008/07/28 20:15:14 [debug] 423#0: *1 accept: 127.0.0.1 fd:10
> 2008/07/28 20:15:14 [debug] 423#0: malloc: 000000000062DFE0:328
> 2008/07/28 20:15:14 [info] 423#0: *1 client 127.0.0.1 connected to 0.0.0.0:993
> 2008/07/28 20:15:14 [debug] 423#0: *1 SSL_do_handshake: -1
> 2008/07/28 20:15:14 [debug] 423#0: *1 SSL_get_error: 2
> 2008/07/28 20:15:14 [debug] 423#0: *1 devpoll add event: fd:10 ev:0001
> 2008/07/28 20:15:14 [debug] 423#0: *1 devpoll fd:10 ev:0001 fl:0000
> 2008/07/28 20:15:14 [debug] 423#0: *1 event timer add: 10: 60000:1217290574610
> 2008/07/28 20:15:14 [debug] 423#0: *1 SSL handshake handler: 0
> 2008/07/28 20:15:14 [debug] 423#0: *1 SSL_do_handshake: -1
> 2008/07/28 20:15:14 [debug] 423#0: *1 SSL_get_error: 2
> 2008/07/28 20:15:14 [debug] 423#0: *1 SSL handshake handler: 0
> 2008/07/28 20:15:14 [debug] 423#0: *1 http ssl new session: ADF535E5:32:119
> 2008/07/28 20:15:14 [debug] 423#0: *1 SSL_do_handshake: 1
> 2008/07/28 20:15:14 [debug] 423#0: *1 devpoll del event: fd:10 ev:0001
> 2008/07/28 20:15:14 [debug] 423#0: *1 devpoll fd:10 ev:0800 fl:0000
> 2008/07/28 20:15:14 [debug] 423#0: *1 SSL: TLSv1, cipher: "DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1"
> 2008/07/28 20:15:14 [debug] 423#0: *1 malloc: 000000000062A400:256
> 2008/07/28 20:15:14 [debug] 423#0: *1 event timer: 10, old: 1217290574610, new: 1217290574641
> 2008/07/28 20:15:14 [debug] 423#0: *1 SSL to write: 18
> 2008/07/28 20:15:14 [debug] 423#0: *1 SSL_write: 18
> 2008/07/28 20:16:14 [debug] 423#0: *1 event timer del: 10: 1217290574610
> 2008/07/28 20:16:14 [info] 423#0: *1 client timed out (145: Connection timed out) while in auth state, client: 127.0.0.1, server: 0.0.0.0:993
> 2008/07/28 20:16:14 [debug] 423#0: *1 close mail connection: 10
> 2008/07/28 20:16:14 [debug] 423#0: *1 SSL_shutdown: 1
> 2008/07/28 20:16:14 [debug] 423#0: *1 free: 000000000062DFE0
> 2008/07/28 20:16:14 [debug] 423#0: *1 free: 00000000006050F0, unused: 8
> 2008/07/28 20:16:14 [debug] 423#0: *1 free: 000000000062A400, unused: 176

The attached patch should fix the bug.

--
Igor Sysoev
http://sysoev.ru/en/

Index: src/mail/ngx_mail_handler.c =================================================================== --- src/mail/ngx_mail_handler.c (revision 1440) +++ src/mail/ngx_mail_handler.c (working copy) @@ -198,7 +198,13 @@ return; }

+ if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { + ngx_mail_close_connection(c); + return; + } + ngx_mail_init_session(c); + return; }
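
Review bot: The added ngx_handle_read_event(c->read, 0) call in front of ngx_mail_init_session(c) carries no comment saying why the read event has to be registered again at this point. The debug log quoted in the thread shows "devpoll del event: fd:10 ev:0001" immediately after "SSL_do_handshake: 1", then "SSL_write: 18" for the greeting and nothing further until the client times out in auth state 60 seconds later, so a one-line comment tying the call to that sequence would keep it from being dropped in a later cleanup. The hunk also adds a return; after ngx_mail_init_session(c) without showing what follows the closing brace; if that return separates the success path from a fall-through error path, the commit message should say so.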