[Dovecot] SSL connections frozen on Dovecot 1.0.0

Thibault VINCENT thibault.vincent at opentrust.com
Thu Aug 23 15:24:46 EEST 2007


Hello,

We are running Dovecot 1.0.0 (Debian Etch, Backports.org, OpenSSL) in a 
production environment and we experience sporadic SSL connection problems.
At the moment, it's difficult to tell if the server goes back to normal 
operation after some time or if it can be reproduces at any time because we 
have to restart it as soon as we get Nagios alerts.

Some tests with openssl s_client have shown difficulties to proceed the SSL 
handshake (hanging at different stages), or no response to IMAP commands.

SSL client used: openssl s_client -host imap -port 993

- First case : s_client hangs on the first output "CONNECTED(00000003)" and 
there is no handshake at all;
- Second case : like the first but the handshake starts after a few minutes;
- Third case : the handshake goes fine but the "OK" server banner is never 
sent (no response to commands);
- Fourth case : the greeting banner is received but dovecot will never answer.

The configuration file is almost identical to the default and SSL certificate 
is not the autogenerated one.
Log files do not show dying process.


I've searched the ML archive for SSL issues but not found related bug.
Does anyone use the Backport.org package of Dovecot ?


Thank you :)

-- 
Thibault VINCENT
tibal at reloaded.fr
thibault.vincent at reloaded.fr
PGP Key : 0x4BA8A39B


More information about the dovecot mailing list