Re: IMAP over SSL error

On 03.09.2009 22:06:32, Pawel Salek wrote:
	OpenSSL error in imap_setup_ssl():
14071:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:284:
It may be that lotus does not support the same encryption methods as balsa. Can you please try the following commands and report the result (success/failure)?

openssl s_client -connect imaphost:993 -ssl3 -crlf
New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA
* OK Domino IMAP4 Server Release 8.0 ready Fri, 4 Sep 2009 00:01:59 +0600

openssl s_client -connect imaphost:993 -ssl2 -crlf

openssl s_client -connect imaphost:993 -tls1 -crlf
12575:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:284:

Balsa currently allows only TLSv1. We used to allow SSLv3 but it did not work well with all servers (see libbalsa/imap/imap-tls.c:imap_create_ssl). We should not allow SSLv2 since it has fundamental design problems.

Might be reasonable to have a switch TLS1/SSL3. Or, alternatively, if TLS fails, try again with SSL3.

Should I open a bug for it?
Ildar  Mulyukov,  free SW designer/programmer/packager
email: ildar altlinux ru
Jabber: ildar jabber ru
ICQ: 4334029
ALT Linux Sisyphus

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]