search for: s3_pkt

...le that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_4 src/crypto/openssl/crypto/opensslv.h 1.1.1.1.2.9 src/crypto/openssl/ssl/s3_pkt.c 1.1.1.1.2.7 RELENG_5_2 src/UPDATING 1.282.2.11 src/crypto/openssl/crypto/opensslv.h 1.1.1.14.2.1 src/crypto/openssl/ssl/s3_pkt.c 1.1.1.8.4.1 src/sys/conf/newvers.s...

...le that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_4 src/crypto/openssl/crypto/opensslv.h 1.1.1.1.2.9 src/crypto/openssl/ssl/s3_pkt.c 1.1.1.1.2.7 RELENG_5_2 src/UPDATING 1.282.2.11 src/crypto/openssl/crypto/opensslv.h 1.1.1.14.2.1 src/crypto/openssl/ssl/s3_pkt.c 1.1.1.8.4.1 src/sys/conf/newvers.s...

...essfully [$CLIENTIP] Is this right? Is SSLv3 used on this connection? But when I explicitely test for SSLv3 support I get $ openssl s_client -connect $SERVERIP:993 -ssl3 CONNECTED(00000003) 140683835029160:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1260:SSL alert number 40 140683835029160:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:598: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 0 bytes --- New, (...

...) looks promising - also for the secp521r1 curve but when changing dovecot.conf to use these keys and certificates it won't use them and return errors # openssl s_client -port 993 CONNECTED(00000003) 140543456835240:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1195:SSL alert number 40 140543456835240:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:591: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 0 bytes --- New, (NONE), Cipher is (NONE) Secure Reneg...

.... That's what you see here.. > But when I explicitely test for SSLv3 support I get > > $ openssl s_client -connect $SERVERIP:993 -ssl3 > > CONNECTED(00000003) > 140683835029160:error:14094410:SSL > routines:SSL3_READ_BYTES:sslv3 alert handshake > failure:s3_pkt.c:1260:SSL alert number 40 > 140683835029160:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl > handshake failure:s3_pkt.c:598: That is the ultimate prove your server have SSLv3 disabled. Andreas

...... tls_read: want=2, got=2 0000: 02 30 .0 TLS trace: SSL3 alert read:fatal:unknown CA TLS trace: SSL_accept:failed in SSLv3 read client certificate A TLS: can't accept. TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca s3_pkt.c:1052 connection_read(14): TLS accept error error=-1 id=2, closing connection_closing: readying conn=2 sd=14 for close May anyone tell me what is going wrong? Thank you ___________________________________________________________________________ Appel audio GRATUIT partout dans le m...

Hi, I tracked down a tricky bug in dovecot that can cause the imap-login and pop3-login processes to crash on handshake failures. This can be tested by disabling SSLv3 in the dovecot config (ssl_protocols = !SSLv2 !SSLv3) and trying to connect with openssl and forced sslv3 (openssl s_client -ssl3 -connect localhost:995). This would cause a crash. What was going on is this: In

Connecting to dovecot with ssl3 causes imap-login to die: $ openssl s_client -connect localhost:993 -ssl3 CONNECTED(00000003) 4277630796:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:s3_pkt.c:1461:SSL alert number 40 4277630796:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:s3_pkt.c:645: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 0 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotia...

...rver/CN=imap.example.com/emailAddress=postmaster at example.com verify error:num=18:self signed certificate verify return:1 depth=0 /OU=IMAP server/CN=imap.example.com/emailAddress=postmaster at example.com verify return:1 20949:error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert bad record mac:s3_pkt.c:1052:SSL alert number 20 20949:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:226: I'm trying to use evolution 1.3.3 to connect via imaps. Whenever I click on the mail folder it just says 'Scanning folders in "IMAP server imap.example.com" (100%)' a...

...alo/CN=Juha Ylitalo/Email=jylitalo at iki.fi verify return:1 depth=0 /C=FI/ST=Finland/O=Juha Ylitalo/CN=coat.st-paul/Email=jylitalo at iki.fi verify return:1 47169:error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert bad record mac:/usr/src/secure/lib/libssl/../../../crypto/openssl/crypto/../ssl/s3_pkt.c:1046:SSL alert number 20 47169:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/usr/src/secure/lib/libssl/../../../crypto/openssl/crypto/../ssl/s23_lib.c:226: bash-2.05a$ [log ends] -- Juha Ylitalo juha.o.ylitalo at nokia.com <work e-mail> +358 40 562 6152...

...alo/CN=Juha Ylitalo/Email=jylitalo at iki.fi verify return:1 depth=0 /C=FI/ST=Finland/O=Juha Ylitalo/CN=coat.st-paul/Email=jylitalo at iki.fi verify return:1 47169:error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert bad record mac:/usr/src/secure/lib/libssl/../../../crypto/openssl/crypto/../ssl/s3_pkt.c:1046:SSL alert number 20 47169:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/usr/src/secure/lib/libssl/../../../crypto/openssl/crypto/../ssl/s23_lib.c:226: bash-2.05a$ [log ends] -- Juha Ylitalo juha.o.ylitalo at nokia.com <work e-mail> +358 40 562 6152...

Hi, after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 (ubuntu precise), in my logs I have a lot of these errors: Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): child 6714 killed with signal 11 (core dumps disabled) I tested 2.0.21 and the problem is still here. The problem seems to appear only when the client is ms outlook, thunderbird works fine

...r secure or unneccessary they were, in the end I had a complete and correct funcioning ldap + samba setup, that was usable.It was especially frustrating to get tls connection working, it kept failing with the following error: TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca s3_pkt.c:1052 samba and ldap run on the same server. Besides the documented config for slapd: (etc/openldap/slapd.conf) TLSCertificateFile /etc/ssl/certs/smb.ahm.nl.pem TLSCertificateKeyFile /etc/ssl/keys/smb.ahm.nl.key TLSCACertificateFile /etc/ssl/certs/ca.pem quite important it is allso that...