 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
7 messages in ru.sysoev.nginxIMAP/SSL issue.| From | Sent On | Attachments |
|---|---|---|
| Bryan Allen | Jul 28, 2008 9:16 pm | |
| Igor Sysoev | Jul 29, 2008 2:00 am |  .solaris |
| Bryan Allen | Jul 29, 2008 8:57 am | |
| Igor Sysoev | Jul 29, 2008 8:59 am | |
| Bryan Allen | Jul 29, 2008 9:38 am | |
| Igor Sysoev | Jul 29, 2008 10:17 am | .solaris1 |
| Bryan Allen | Jul 29, 2008 12:13 pm |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | IMAP/SSL issue. | Actions... |
|---|---|---|
| From: | Bryan Allen (bda-...@public.gmane.org) | |
| Date: | Jul 28, 2008 9:16:06 pm | |
| List: | ru.sysoev.nginx | |
Good evening,
I'm trying to get the IMAP/SSL module working and running into an odd issue. Plaintext connections work just fine, but SSL connections don't seem to contact the auth daemon.
# imtest -p 143 -a $USER -m login localhost S: * OK IMAP4 ready C: C01 CAPABILITY S: * CAPABILITY IMAP4rev1 UIDPLUS SORT AUTH=PLAIN S: C01 OK completed Please enter your password: C: L01 LOGIN $USER {8} S: + OK C: <omitted> S: L01 OK User logged in Authenticated. Security strength factor: 0
# imtest -s -p 993 -a $USER -m login localhost verify error:num=20:unable to get local issuer certificate verify error:num=27:certificate not trusted verify error:num=21:unable to verify the first certificate TLS connection established: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) S: * OK IMAP4 ready C: C01 CAPABILITY failure: prot layer failure
2008/07/28 20:14:52 [notice] 422#0: using the "/dev/poll" event method
2008/07/28 20:14:52 [notice] 422#0: nginx/0.7.6
2008/07/28 20:14:52 [notice] 422#0: built by gcc 3.4.3
(csl-sol210-3_4-branch+sol_rpath)
2008/07/28 20:14:52 [notice] 422#0: OS: SunOS 5.10
2008/07/28 20:14:52 [notice] 422#0: version: Generic_127112-03
2008/07/28 20:14:52 [notice] 422#0: getrlimit(RLIMIT_NOFILE): 1024:1024
2008/07/28 20:14:52 [notice] 422#0: start worker processes
2008/07/28 20:14:52 [notice] 422#0: start worker process 423
2008/07/28 20:15:14 [debug] 423#0: *1 accept: 127.0.0.1 fd:10
2008/07/28 20:15:14 [debug] 423#0: malloc: 000000000062DFE0:328
2008/07/28 20:15:14 [info] 423#0: *1 client 127.0.0.1 connected to 0.0.0.0:993
2008/07/28 20:15:14 [debug] 423#0: *1 SSL_do_handshake: -1
2008/07/28 20:15:14 [debug] 423#0: *1 SSL_get_error: 2
2008/07/28 20:15:14 [debug] 423#0: *1 devpoll add event: fd:10 ev:0001
2008/07/28 20:15:14 [debug] 423#0: *1 devpoll fd:10 ev:0001 fl:0000
2008/07/28 20:15:14 [debug] 423#0: *1 event timer add: 10: 60000:1217290574610
2008/07/28 20:15:14 [debug] 423#0: *1 SSL handshake handler: 0
2008/07/28 20:15:14 [debug] 423#0: *1 SSL_do_handshake: -1
2008/07/28 20:15:14 [debug] 423#0: *1 SSL_get_error: 2
2008/07/28 20:15:14 [debug] 423#0: *1 SSL handshake handler: 0
2008/07/28 20:15:14 [debug] 423#0: *1 http ssl new session: ADF535E5:32:119
2008/07/28 20:15:14 [debug] 423#0: *1 SSL_do_handshake: 1
2008/07/28 20:15:14 [debug] 423#0: *1 devpoll del event: fd:10 ev:0001
2008/07/28 20:15:14 [debug] 423#0: *1 devpoll fd:10 ev:0800 fl:0000
2008/07/28 20:15:14 [debug] 423#0: *1 SSL: TLSv1, cipher: "DHE-RSA-AES256-SHA
SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1"
2008/07/28 20:15:14 [debug] 423#0: *1 malloc: 000000000062A400:256
2008/07/28 20:15:14 [debug] 423#0: *1 event timer: 10, old: 1217290574610, new:
1217290574641
2008/07/28 20:15:14 [debug] 423#0: *1 SSL to write: 18
2008/07/28 20:15:14 [debug] 423#0: *1 SSL_write: 18
2008/07/28 20:16:14 [debug] 423#0: *1 event timer del: 10: 1217290574610
2008/07/28 20:16:14 [info] 423#0: *1 client timed out (145: Connection timed
out) while in auth state, client: 127.0.0.1, server: 0.0.0.0:993
2008/07/28 20:16:14 [debug] 423#0: *1 close mail connection: 10
2008/07/28 20:16:14 [debug] 423#0: *1 SSL_shutdown: 1
2008/07/28 20:16:14 [debug] 423#0: *1 free: 000000000062DFE0
2008/07/28 20:16:14 [debug] 423#0: *1 free: 00000000006050F0, unused: 8
2008/07/28 20:16:14 [debug] 423#0: *1 free: 000000000062A400, unused: 176
# /opt/local/nginx/sbin/nginx -V
nginx version: nginx/0.7.6
built by gcc 3.4.3 (csl-sol210-3_4-branch+sol_rpath)
configure arguments: --prefix=/opt/local/nginx --pid-path=/var/run/nginx.pid
--error-log-path=/var/log/nginx/error.log
--http-log-path=/var/log/nginx/access.log --with-http_ssl_module
--with-openssl=/export/scratch/openssl-0.9.8h --with-cc-opt=-m64
-I/usr/local/include -I/usr/local/ssl/include --with-ld-opt=-L/lib/64
-L/usr/sfw/lib/64 -R/usr/sfw/lib/64 -R/lib/64 -L/usr/local/ssl/lib -m64
-L/usr/local/lib -R/usr/local/lib --with-mail --with-mail_ssl_module
--with-debug
My config:
worker_processes 1; events { worker_connections 256; multi_accept on; debug_connection 127.0.0.1; }
mail { auth_http 127.0.0.1:9000/auth;
imap_capabilities "IMAP4rev1" "UIDPLUS" "SORT";
server { listen 143; protocol imap; proxy on; }
server { listen 993; protocol imap; proxy on; ssl on; ssl_certificate /tmp/cert.crt; ssl_certificate_key /tmp/cert.key; starttls on; } }
Running errinfo from the DTrace Toolkit gets me this:
# ./errinfo -n nginx EXEC SYSCALL ERR DESC nginx read 11 Resource temporarily unavailable nginx accept 11 Resource temporarily unavailable nginx read 11 Resource temporarily unavailable
But that may be a red herring...
I haven't been able to find anything in the archives, nor has anyone on IRC been able to shed any light on what I've mucked up.
Thoughts?
Thanks much.
-- bda Cyberpunk is dead. Long live cyberpunk. http://mirrorshades.org