[Bug 369591] Re: Unable to connect to IMAP w/STARTTLS: Connection reset by peer

Launchpad Bug Tracker 369591 at bugs.launchpad.net
Thu Jul 12 04:18:15 UTC 2012 

[Expired for openssl (Ubuntu) because there has been no activity for 60
days.]

** Changed in: openssl (Ubuntu)
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/369591

Title:
  Unable to connect to IMAP w/STARTTLS: Connection reset by peer

Status in Mail Notification:
  Incomplete
Status in “openssl” package in Ubuntu:
  Expired

Bug description:
  When I try to use mail-notification (5.4.dfsg.1-1ubuntu1 compiled
  w/openssl), I am unable to connect to my IMAP server.  I always get
  the following:

  $ mail-notification -i
  ** INFO: server: resolving server
  ** INFO: server: connecting to server (xxx.xxx.xxx.xxx) port 143
  ** INFO: server: connected successfully
  ** INFO: server: < * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE ACL ACL2=UNION STARTTLS LOGINDISABLED] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc.  See COPYING for distribution information.
  ** INFO: server: > a000 STARTTLS
  ** INFO: server: < a000 OK Begin SSL/TLS negotiation now.
  ** INFO: server reported an error: unable to perform the SSL/TLS handshake: Connection reset by peer

  I have used Thunderbird for years to connect to this account.  I
  decided to try the openssl client, and discovered that it will not
  connect unless I force it to use TLS1 like so:

  $ openssl s_client -connect server:143 -starttls imap -tls1

  Without -tls1, I get:

  $ openssl s_client -connect server:143 -starttls imap -msg -prexit
  CONNECTED(00000003)
  >>> SSL 2.0 [length 0074], CLIENT-HELLO
      01 03 01 00 4b 00 00 00 20 00 00 39 00 00 38 00
      00 35 00 00 16 00 00 13 00 00 0a 07 00 c0 00 00
      33 00 00 32 00 00 2f 03 00 80 00 00 05 00 00 04
      01 00 80 00 00 15 00 00 12 00 00 09 06 00 40 00
      00 14 00 00 11 00 00 08 00 00 06 04 00 80 00 00
      03 02 00 80 1a 4c 8c c6 c2 08 ce 27 58 48 84 ce
      30 9e e8 b5 ae 66 c5 0a e8 65 1d e1 82 1a 67 71
      e6 dd 83 dc
  write:errno=104
  ---
  no peer certificate available
  ---
  No client certificate CA names sent
  ---
  SSL handshake has read 557 bytes and written 144 bytes
  ---
  New, (NONE), Cipher is (NONE)
  Compression: NONE
  Expansion: NONE
  ---

  Perhaps mail-notification is doing the same thing.  If so, there
  either needs to be a way to explicitly set the protocol, or openssl
  needs to fix its auto-negotiation.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mail-notification/+bug/369591/+subscriptions

More information about the foundations-bugs mailing list