At 5:02 PM +0900 2/22/07, Jorgen Lundman wrote:
I use dovecot with Solaris 10 on x86.
I will point out that the OpenSSL that comes with Solaris 10 is very broken and will generally not work with ... anything. If you go fetch latest OpenSSL, either package from sunfreeware, or build yourself, and make sure to link against "/usr/local/ssl" instead. (I wouldn't advice pkg_rm the system ssl as the PAM module is linked against it, if you want to be able to login).
I concur.
If you want to use anything Sun isn't giving you with SSL on Solaris, you want to get a standard build of OpenSSL and link anything you need against it, not the not-really-quite-OpenSSL Sun provides.
(incidentally, you don't mention the version of Solaris you are using. That might be relevant)
Tim Skirvin wrote:
I'm trying to get dovecot working on Solaris x86. I've got it
working just fine on RH Desktop 4; and while I have a built, limping version on solx86, it's not actually usable except from other solx86 systems.
Basic details: Version 1.0rc23 OS Solaris x86 (64 bit) CPU Opteron Filesystem NFS (but it's not getting that far) The general problem is apparently SSL-related. I can connect
properly from another Solaris x86 machine, using either mutt or straight openssl; but when I try mutt from a Solaris or Linux machine, I get the error "SSL failed: I/O error" and it fails, and when I use openssl from a Linux machine, I get something like this:
victor ~> stelnet xxxxxxxx.ks.uiuc.edu 993
openssl s_client -connect xxxxxxxx.ks.uiuc.edu:993 -verify -debug verify depth is 0 CONNECTED(00000003) depth=0 /C=US/ST=Illinois/L=Urbana/O=UIUC/OU=[...] verify error:num=18:self signed certificate verify return:1 depth=0 /C=US/ST=Illinois/L=Urbana/O=UIUC/OU=[...] verify return:1 24748:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:226:
Annoyingly, the same command run from a Solaris machine connects,
even though mutt doesn't. (I'm using 'mutt -f imaps://xxxx/', which I know works elsewhere; and the Linux mutt is the system default one, so I don't suspect that it is the source of the problem.)
The logs have been remarkably un-useful:
dovecot: Feb 21 09:41:21 Info: imap-login: Disconnected: rip=[...], lip=[...] TLS handshake
The software was built in all cases with: ./configure --prefix=/usr/local/encap/dovecot-1.0rc23.1 I've tried with both Sun's native cc and gcc compilers. I have
also tried building on SPARC Solaris with the native cc compiler, to the same (negative) effect. (I used to have v0.99.14 running just fine on this SPARC machine, so this worries me... but I only checked it just now as an after-thought.)
Any suggestions? - Tim Skirvin (tskirvin@ks.uiuc.edu)
-- Jorgen Lundman | lundman@lundman.net Unix Administrator | +81 (0)3 -5456-2687 ext 1017 (work) Shibuya-ku, Tokyo | +81 (0)90-5578-8500 (cell) Japan | +81 (0)3 -3375-1767 (home)
--
Bill Cole
bill@scconsult.com