On Sunday 19 April 2009 03:42:03 Brad wrote:
On Sunday 19 April 2009 00:47:20 Brad wrote:
On Saturday 18 April 2009 16:31:10 Timo Sirainen wrote:
On Sat, 2009-04-18 at 22:26 +0200, Christian Rueger wrote:
dovecot: imap-login: Disconnected (no auth attempts): rip=Y.Y.Y.Y, lip=X.X.X.X, TLS handshaking: SSL_accept() failed: error:0307F041:bignum routines:BNRAND:malloc failure
Oh. malloc() failed? See if increasing login_process_size helps (or se it to 0 to disable the limit).
I am not seeing the bit about SSL_accept() and setting login_process_size to 0 does not help.
Another thing I forgot to mention... I had someone else do some testing with two 32-bit systems (i386) and he was not able to reproduce the issue. I haven't had a chance to double check this but I will tomorrow. So this is starting to look like it is specific to 64-bit systems. I am using amd64 here.
Even weirder I have found Windows systems running Thunderbird at least can establish a TLS session fine.
From another OpenBSD system..
$ openssl s_client -connect mail.comstyle.com:143 -starttls imap CONNECTED(00000004) depth=0 /C=CA/ST=Ontario/L=Toronto/O=ComStyle/OU=IMAP server/CN=mail.comstyle.com/emailAddress=postmaster@comstyle.com verify error:num=18:self signed certificate verify return:1 depth=0 /C=CA/ST=Ontario/L=Toronto/O=ComStyle/OU=IMAP server/CN=mail.comstyle.com/emailAddress=postmaster@comstyle.com verify return:1 20082:error:05066066:Diffie-Hellman routines:COMPUTE_KEY:invalid public key:/usr/src/lib/libssl/src/crypto/dh/dh_key.c:216: 20082:error:14098005:SSL routines:SSL3_SEND_CLIENT_KEY_EXCHANGE:DH lib:/usr/src/lib/libssl/src/ssl/s3_clnt.c:2109:
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.