2.3.13: newly introduced TLS bug : tls_construct_server_key_exchange
Hi,
since the update from 2.3.11 to 2.3.13 some clients generate this bug :
TLS handshaking: SSL_accept() failed: error:141EC044:SSL routines:tls_construct_server_key_exchange:internal error
As it looks for now, they use the old SSL approach on Ports 993 and 995.
SSL Config says:
ssl = yes ssl_cert =
OS: Fedora 32 X86_64 Ext4 file storage on local disks
Versions:
dovecot-2.3.13-1.fc32.x86_64 openssl-1.1.1i-1.fc32.x86_64
best regards, Marius Schwarz
Am 07.01.21 um 17:31 schrieb Marius Schwarz:
Versions: dovecot-2.3.13-1.fc32.x86_64 openssl-1.1.1i-1.fc32.x86_64
Fedora released dovecot-2.3.13-2.fc32.x86_64, which seems to fix the issue.
best regards, Marius Schwarz
Hard to say without reproducer and more information, but I think it was a downstream bug. There was configuration error in 2.3.13-1 build. I'm not sure how exactly it could cause this error, but I did not see any report for the new build so far.
On 07. 01. 21 17:31, Marius Schwarz wrote:
Hi,
since the update from 2.3.11 to 2.3.13 some clients generate this bug :
TLS handshaking: SSL_accept() failed: error:141EC044:SSL routines:tls_construct_server_key_exchange:internal error
As it looks for now, they use the old SSL approach on Ports 993 and 995.
SSL Config says:
ssl = yes ssl_cert =
OS: Fedora 32 X86_64 Ext4 file storage on local disks
Versions:
dovecot-2.3.13-1.fc32.x86_64 openssl-1.1.1i-1.fc32.x86_64
best regards, Marius Schwarz
participants (2)
-
Marius Schwarz
-
Michal Hlavinka