On Wed, Dec 30, 2009 at 08:43:20PM CET, Dererk <der...@madap.com.ar> said: > Erwan David escribió: > > On Tue, Mar 03, 2009 at 12:05:59PM CET, "Stefan Hornburg (Racke)" > > <ra...@linuxia.de> said: > > > >> Erwan David wrote: > >> > >>> On Tue, Mar 03, 2009 at 11:01:20AM CET, Stefan Hornburg > >>> <ra...@linuxia.de> said: > >>> > >>>> Erwan David wrote: > >>>> > >>>>> Package: courier-imap-ssl > >>>>> Version: 4.4.0-2 > >>>>> Severity: grave > >>>>> Justification: renders package unusable > >>>>> > >>>>> Since upgrade to lenny, I cannot get a ssl connection with > >>>>> courier-imap. Here is the log: > >>>>> > >>>>> Mar 3 09:55:09 maio imapd-ssl: couriertls: connect: error:1408F10B:SSL > >>>>> routines:SSL3_GET_RECORD:wrong version number > >>>>> > >>>>> I get same error when I use fetchmail, mutt or openssl s_client to > >>>>> connect. > >>>>> > >>>>> courier-pop-ssl works. > >>>>> > >>>> How does your /etc/courier/imapd-ssl configuration file look like? > >>>> > >>>> Regards > >>>> Racke > >>>> > >>> Find it at the end of the message. Please note that courier-pop-ssl > >>> works with the same settings. > >>> > >>> If I set TLS_PROTOCOL to SSL23, I get a "no shared ciphers" error, > >>> even if I set TLS_CIPHER_LIST to ALL > >>> > >> What happens if you don't set TLS_PROTOCOL at all? > >> > >> Regards > >> Racke > >> > > > > Error is > > > > Mar 3 13:11:41 maio imapd-ssl: couriertls: connect: error:1408A0C1:SSL > > routines:SSL3_GET_CLIENT_HELLO:no shared cipher > > > > If I add > > TLS_CIPHER_LIST='SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!n...@strength' > > > > or > > TLS_CIPHER_LIST=ALL > > > > I get the same error. Even If I use > > openssl s_client -connect maio:993 -cipher ALL on client side. > > > > > > > Helo Erwan. > > Please try replacing the config with this: > TLS_PROTOCOL=SSL3 > TLS_STARTTLS_PROTOCOL=TLS1 > TLS_CIPHER_LIST="ALL:!SSLv2:!ADH:!NULL:!EXPORT:!DES:!LOW:@STRENGTH" > > That would use gnutls crypto instead openssl. Let's see if that helps > finding out anything. > > > Greetings, > > Dererk >
Same error : Jan 6 08:33:17 maio imapd-ssl: couriertls: accept: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher -- Erwan David, IT Team manager ========================================================== Trusted Logic Tel: +33 1 30 97 25 03 5 rue du Bailliage Std: +33 1 30 97 25 00 78000 Versailles Fax: +33 1 30 97 25 19 France ============= This message is protected by the secrecy of correspondence rules; furthermore it may contain privileged or confidential information that is protected by law, notably by the secrecy of business relations rule; it is intended solely for the attention of the addressee. Any disclosure, use, dissemination or reproduction (either whole or partial) of this message or the information contained herein is strictly prohibited without prior consent. Please, do not print this message unless it is necessary, consider the environment. ============= ============= Ce message est protégé par les règles applicables à la correspondance; de plus, il peut contenir des informations personnelles ou confidentielles protégées par la loi, notamment par la réglementation applicable au secret de fabrique; il est à l'attention exclusive de son destinataire. Toute divulgation, utilisation, dissémination ou reproduction (entière ou partielle) de ce message ou de l'information qu'il contient est strictement interdite sans l'accord de l'émetteur. Merci de ne pas imprimer ce message sans nécessité, respectez l'environnement. ============= -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
