[Dovecot] gnutls_handshake problem
I'm trying to bring dovecot up on Debian/stable using Christof Meerwald's unofficial packages (cmeerw.org/debian/). This package seems to work fine on Debian/testing. There error I'm getting on the stable box is:
gnutls_handshake: A TLS fatal alert has been received.(Bad record MAC)
Any guesses?
-- Jacob Elder
(03.06.03 kl.13:49) Jacob Elder skrev följande till dovecot@procontrol.fi:
I'm trying to bring dovecot up on Debian/stable using Christof Meerwald's unofficial packages (cmeerw.org/debian/). This package seems to work fine on Debian/testing. There error I'm getting on the stable box is:
gnutls_handshake: A TLS fatal alert has been received.(Bad record MAC)
Any guesses?
Check versions of libgcrypt and gnutls.
I would recommend compiling libgcrypt, gnutls and dovecot by hand.
The actual error message doesnt tell me more than that the handshake failed. Either server or client (or both) is in error.
Jens Låås
-- Jacob Elder
'This mail automatically becomes portable when carried.'Jens Låås Email: jens.laas@data.slu.se
Department of Computer Services, SLU Phone: +46 18 67 35 15
Vindbrovägen 1
P.O. Box 7079
S-750 07 Uppsala
SWEDENOn Tue, 3 Jun 2003 13:49:20 -0400, Jacob Elder wrote:
I'm trying to bring dovecot up on Debian/stable using Christof Meerwald's unofficial packages (cmeerw.org/debian/). This package seems to work fine on Debian/testing. There error I'm getting on the stable box is:
gnutls_handshake: A TLS fatal alert has been received.(Bad record MAC)
Any guesses?
I guess you get this error message from your mail client (because my dovecot packages are linked against openssl). Does it work if you connect from Debian testing to dovecot running on Debian stable?
IMO, Debian woody's guntls package is too old and shouldn't be considered stable.
bye, Christof
-- http://cmeerw.org JID: cmeerw@jabber.at mailto cmeerw at web.de
On Sat, 7 Jun 2003, Christof Meerwald wrote:
On Tue, 3 Jun 2003 13:49:20 -0400, Jacob Elder wrote:
I'm trying to bring dovecot up on Debian/stable using Christof Meerwald's unofficial packages (cmeerw.org/debian/). This package seems to work fine on Debian/testing. There error I'm getting on the stable box is:
gnutls_handshake: A TLS fatal alert has been received.(Bad record MAC)
Any guesses?
I guess you get this error message from your mail client (because my dovecot packages are linked against openssl). Does it work if you connect from Debian testing to dovecot running on Debian stable?
IMO, Debian woody's guntls package is too old and shouldn't be considered stable.
Btw, did you know I already provide a backport to woody at http://www.braincells.com/open/ ? I keep it in sync with my official packages.
Anyway I've noticed this too, and I have a feeling it might be something to do with the way we're generating a self-signed certificate. I haven't had much time to do an exhaustive investigation but I hope I might have soe time this weekend.
-- Jaldhar H. Vyas <jaldhar@debian.org> La Salle Debain - http://www.braincells.com/debian/
participants (4)
-
Christof Meerwald
-
Jacob Elder
-
Jaldhar H. Vyas
-
Jens Laas