[Dovecot] SSL errors for just one client after updaing both dovecot and openssl
Timo Sirainen
tss at iki.fi
Sun Feb 24 16:55:06 EET 2013
On 23.2.2013, at 18.03, Charles Marcus <CMarcus at Media-Brokers.com> wrote:
> Ok, I have a strange problem after updating both dovecot and openssl...
>
> OpenSSL was 1.0.0j, now updated to 1.0.1c
> Dovecot was 2.1.13, now updated to 2.1.15
>
> I'm getting a bunch of lines like the following:
>
> Feb 23 10:48:01 myhost dovecot: imap-login: Disconnected (no auth attempts in 29 secs): user=<>, rip=#.#.#.#, lport=993, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer, session=<In+cO2bWngCthJz2>
>
> where only the session id (and number of seconds for no auth attempts) is different...
>
> This is happening for only the one client. All other clients - I've counted about 25 so far - are working fine.
>
> Anyone have any ideas? I can't believe it is a generic openssl problem, since it is only affecting the one client.
Most likely related to the OpenSSL upgrade. Dovecot at least didn't change anything SSL related. You could see if verbose_ssl=yes logs anything interesting. And like Reindi mentioned, ssl_cipher_list is pretty much the only thing in Dovecot's configuration that may be related to this.
More information about the dovecot
mailing list