Re: [Evolution] SSL Unknown CA or Bad Record MAC

[ximian-evolution squalor org]

Do you mean that openssl on the server side ignores the error within
the openssl library? Because openssl on the client side doesn't ignore
the error - the error *NEVER* occurs. I've been looking and the decoded
packets through ethereal and there simply isn't an error sent back from
the server.

How can you be so sure that it's not a bug in Evolution (or did I just take
the bait)?

On Fri, Jan 03, 2003 at 05:31:43PM -0500, Jeffrey Stedfast wrote:
> maybe openssl ignores the error? or maybe there is a bug in mozilla's
> nss libs? I dunno, but it's not a bug in evolution - that is for sure :\
>
> Jeff
>
> On Fri, 2003-01-03 at 17:03, ximian-evolution squalor org wrote:
> > [Having problems getting email to the list correctly - my fault - but
> > hopefully this will get there correctly, but apologies if there duplicates]
> >
> > I'm having problems with Evolution v1.2.1 on RedHat 8.0. I have IMAP
> > over SSL working (didn't originally due to "Unknown CA" but deleted
> > ~/evolution/cert7.db and now works) but now I get "Bad Record MAC"
> > when trying to connect to an SMTP server over SSL (SSL is provided on the
> > server using stunnel).
> >
> > If I use 
> >
> >   openssl s_client -connect mymailserver.com:465 -cipher RC4-MD5
> >
> > everything works correctly. 
> >
> > From looking at the packets using ethereal, Evoultion uses the same cipher
> > but I get "Bad Record MAC" and a dialog reporting "Input/Output" error.
> >
> > Client: openssl-0.9.6b-29
> > Server: openssl-0.9.6b-28 
> >         stunnel 3.22 on i686-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.6b [engine] 9 Jul 2001
> >
> > Ideas and suggestions welcome.
> -- 
> Jeffrey Stedfast
> Evolution Hacker - Ximian, Inc.
> fejj ximian com  - www.ximian.com

-- 
mike\n.