On 23.2.2013, at 18.03, Charles Marcus <CMarcus@Media-Brokers.com> wrote:
Ok, I have a strange problem after updating both dovecot and openssl...
OpenSSL was 1.0.0j, now updated to 1.0.1c Dovecot was 2.1.13, now updated to 2.1.15
I'm getting a bunch of lines like the following:
Feb 23 10:48:01 myhost dovecot: imap-login: Disconnected (no auth attempts in 29 secs): user=<>, rip=#.#.#.#, lport=993, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer, session=<In+cO2bWngCthJz2>
where only the session id (and number of seconds for no auth attempts) is different...
This is happening for only the one client. All other clients - I've counted about 25 so far - are working fine.
Anyone have any ideas? I can't believe it is a generic openssl problem, since it is only affecting the one client.
Most likely related to the OpenSSL upgrade. Dovecot at least didn't change anything SSL related. You could see if verbose_ssl=yes logs anything interesting. And like Reindi mentioned, ssl_cipher_list is pretty much the only thing in Dovecot's configuration that may be related to this.