[Dovecot] trouble with ssl
hi list,
first of all, many thanks to the developers of dovecot for this great piece of software!
i'm running dovecot 0.99.9.1 on netbsd-current - runs very fine until i try to use sylpheed from my client to connect via ssl:
--snip-- Jun 13 08:48:32 devbox imap-login: SSL_accept() failed: error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac [192.168.100.88] Jun 13 08:48:32 devbox imap-login: Disconnected [192.168.100.8 --snip--
doesn't say much to me...
thanks for any help, TOM
Tom,
I had the same problem on FreeBSD 5.1-current. If you search usenet, you'll see that lots of people had problems with OpenSSL 0.9.7a. I've upgraded my OpenSSL on FreeBSD compiling the latest port (0.9.7b), and recompiling Dovecot. Everything works fine now. I've also heard that there is a similar problem with some of the 0.9.6 releases, but I think that should also be fixed with the latest 0.9.6 sources.
Hope this helps
Mike
On Fri, 13 Jun 2003, tom hensel wrote:
hi list,
first of all, many thanks to the developers of dovecot for this great piece of software!
i'm running dovecot 0.99.9.1 on netbsd-current - runs very fine until i try to use sylpheed from my client to connect via ssl:
--snip-- Jun 13 08:48:32 devbox imap-login: SSL_accept() failed: error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac [192.168.100.88] Jun 13 08:48:32 devbox imap-login: Disconnected [192.168.100.8 --snip--
doesn't say much to me...
thanks for any help, TOM
mike,
I had the same problem on FreeBSD 5.1-current. If you search usenet, you'll see that lots of people had problems with OpenSSL 0.9.7a. I've upgraded my OpenSSL on FreeBSD compiling the latest port (0.9.7b), and recompiling Dovecot. Everything works fine now. I've also heard that there is a similar problem with some of the 0.9.6 releases, but I think that should also be fixed with the latest 0.9.6 sources.
nebtsd has a pkgsrc for openssl-0.9.6g - it compiled just fine. recompiling dovecot did not change anything, same error as before. i'm ccing this mail to the maintainter of the pkgsrc, i wonder how dovecot's configure decides wether to use the openssl-libs included with netbsd's or the ones form pkgsrc...
Hope this helps
yeah, thanks a lot ;)
i'm running dovecot 0.99.9.1 on netbsd-current - runs very fine until i try to use sylpheed from my client to connect via ssl:
--snip-- Jun 13 08:48:32 devbox imap-login: SSL_accept() failed: error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac [192.168.100.88] Jun 13 08:48:32 devbox imap-login: Disconnected [192.168.100.8 --snip--
bye, TOM
Tom,
I had to overwrite the OpenSSL installation in the base. In FreeBSD, you could use -DOPENSSL_OVERWRITE_BASE with your make commands. Dovecot always used the base openssl package, which was the older version, which sounds like the same problem you're having.. Again I don't know anything about NetBSD =\
Mike
On Fri, 13 Jun 2003, tom hensel wrote:
mike,
I had the same problem on FreeBSD 5.1-current. If you search usenet, you'll see that lots of people had problems with OpenSSL 0.9.7a. I've upgraded my OpenSSL on FreeBSD compiling the latest port (0.9.7b), and recompiling Dovecot. Everything works fine now. I've also heard that there is a similar problem with some of the 0.9.6 releases, but I think that should also be fixed with the latest 0.9.6 sources.
nebtsd has a pkgsrc for openssl-0.9.6g - it compiled just fine. recompiling dovecot did not change anything, same error as before. i'm ccing this mail to the maintainter of the pkgsrc, i wonder how dovecot's configure decides wether to use the openssl-libs included with netbsd's or the ones form pkgsrc...
Hope this helps
yeah, thanks a lot ;)
i'm running dovecot 0.99.9.1 on netbsd-current - runs very fine until i try to use sylpheed from my client to connect via ssl:
--snip-- Jun 13 08:48:32 devbox imap-login: SSL_accept() failed: error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac [192.168.100.88] Jun 13 08:48:32 devbox imap-login: Disconnected [192.168.100.8 --snip--
bye, TOM
participants (3)
-
Mike Matz
-
tom hensel
-
tom hensel