Gnus + Cyrus IMAPD + SSL stopped working

emacs-pretest-bug
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Gnus + Cyrus IMAPD + SSL stopped working

From:	Peter 'Luna' Runestig
Subject:	Gnus + Cyrus IMAPD + SSL stopped working
Date:	24 Sep 2003 22:18:07 +0200
Symptoms:

Reading imap mail from a Cyrus 2.1.12 imap server over SSL, using Gnus,
on Windows XP, with OpenSSL 0.9.7b, has stopped working for me. Emacs
stops forever with this message:

imap: Opening SSL connection with `openssl s_client -quiet -ssl3 -connect 
%s:%p'...

AFAICS, it has something to do with this change to gnus/imap.el:

--- imap.el.old 2003-02-21 22:49:24.000000000 +0100
+++ imap.el     2003-09-24 15:46:58.000000000 +0200
@@ -188,10 +187,10 @@
   :group 'imap
   :type '(repeat string))
 
-(defcustom imap-ssl-program '("openssl s_client -ssl3 -connect %s:%p"
-                             "openssl s_client -ssl2 -connect %s:%p"
-                             "s_client -ssl3 -connect %s:%p"
-                             "s_client -ssl2 -connect %s:%p")
+(defcustom imap-ssl-program '("openssl s_client -quiet -ssl3 -connect %s:%p"
+                             "openssl s_client -quiet -ssl2 -connect %s:%p"
+                             "s_client -quiet -ssl3 -connect %s:%p"
+                             "s_client -quiet -ssl2 -connect %s:%p")
   "A string, or list of strings, containing commands for SSL connections.
 Within a string, %s is replaced with the server address and %p with
 port number on server.  The program should accept IMAP commands on

I.e. the `-quiet' switch is added to the openssl tool command line.
Removing that `-quiet' switch fixes the problem. Aparently, something
in the openssl output parsing code doesn't agree with the "quiet"
output. Here is some openssl output samples, with and without the
`-quiet' switch:

D:\>openssl s_client -quiet -ssl3 -connect imap.runestig.com:993
Loading 'screen' into random state - done
depth=1 /C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services 
Division/CN=LunaBIT Server CA/address@hidden
verify error:num=19:self signed certificate in certificate chain
verify return:0
* OK arthur.runestig.com Cyrus IMAP4 v2.1.12 server ready
. logout
* BYE LOGOUT received
. OK Completed
read:errno=0

D:\>openssl s_client -ssl3 -connect imap.runestig.com:993
Loading 'screen' into random state - done
CONNECTED(00000790)
depth=1 /C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services 
Division/CN=LunaBIT Server CA/address@hidden
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
 0 s:/C=SE/L=Bollnaes/O=LunaBIT/CN=imap.runestig.com
   i:/C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services Division/CN=LunaBIT 
Server CA/address@hidden
 1 s:/C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services Division/CN=LunaBIT 
Server CA/address@hidden
   i:/C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services Division/CN=LunaBIT 
Server CA/address@hidden
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDlzCCAwCgAwIBAgIBFDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCU0Ux
ETAPBgNVBAcTCEJvbGxuYWVzMRAwDgYDVQQKEwdMdW5hQklUMSgwJgYDVQQLEx9D
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMRowGAYDVQQDExFMdW5hQklU
IFNlcnZlciBDQTEoMCYGCSqGSIb3DQEJARYZc2VydmVyLWNlcnRzQHJ1bmVzdGln
LmNvbTAeFw0wMTA1MjExMjMxMTlaFw0wMjA1MjExMjMxMTlaME4xCzAJBgNVBAYT
AlNFMREwDwYDVQQHEwhCb2xsbmFlczEQMA4GA1UEChMHTHVuYUJJVDEaMBgGA1UE
AxMRaW1hcC5ydW5lc3RpZy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
AMs5OPi0PM+UYDaa7Xk33QvMzqtAs8hPBA+xAuLkI+12TDvMv2fRdgDYzLd0XJfM
IUc1TJOIjeV+lJUT0hIifa9txOhN3gkJJHbCoUqWdN2c1sA/sAPUjMQKhdne0ezj
nu7s19Y6oonqZIr5IbOWff7rYgc2IIvjwxOMUKTvNUdNAgMBAAGjggEuMIIBKjAd
BgNVHQ4EFgQUujhQPn5mK4yxOLPTGPdY2sSxrTIwgc8GA1UdIwSBxzCBxIAUybO9
TgXs8o4ZRkMWvKkTN469DEOhgaikgaUwgaIxCzAJBgNVBAYTAlNFMREwDwYDVQQH
EwhCb2xsbmFlczEQMA4GA1UEChMHTHVuYUJJVDEoMCYGA1UECxMfQ2VydGlmaWNh
dGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEaMBgGA1UEAxMRTHVuYUJJVCBTZXJ2ZXIg
Q0ExKDAmBgkqhkiG9w0BCQEWGXNlcnZlci1jZXJ0c0BydW5lc3RpZy5jb22CAQAw
NwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL3d3dy5ydW5lc3RpZy5jb20vTHVuYUJJ
VC1DQS5jcmwwDQYJKoZIhvcNAQEFBQADgYEAE4zUDUWKsuukHLNvM5dDkelsJRyE
wngKjyTWGwYkCvifQmxjGMtrmb4jilj1joTBuRfej8oWFagn91vuf94D7j8G6Uw8
mtAyej5coTw9q2wLW4X99k1CfymUaejx7wzDsmfzh/bG/5DNz2KECoi4F5KU7rw6
YEReQoL7ZKdYDB8=
-----END CERTIFICATE-----
subject=/C=SE/L=Bollnaes/O=LunaBIT/CN=imap.runestig.com
issuer=/C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services Division/CN=LunaBIT 
Server CA/address@hidden
---
No client certificate CA names sent
---
SSL handshake has read 2068 bytes and written 314 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
SSL-Session:
    Protocol  : SSLv3
    Cipher    : AES256-SHA
    Session-ID: E22098F758D904BCDA54A7E6710033329985E17DDF62B82C66A0C90ED70CA287

    Session-ID-ctx:
    Master-Key: 
B6F34D85919679CD35454F750C8E01F85112C9598A20B0D51066096BD6C4DC37D3B68E09019747D9ACCC7E3E408B5A53
    Key-Arg   : None
    Start Time: 1064433110
    Timeout   : 7200 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
---
* OK arthur.runestig.com Cyrus IMAP4 v2.1.12 server ready
. logout
* BYE LOGOUT received
. OK Completed
read:errno=0

In GNU Emacs 21.3.50.1 (i386-msvc-nt5.1.2600)
 of 2003-09-24 on BOLL-R2
configured using `configure --with-msvc (12.00)'

Important settings:
  value of $LC_ALL: nil
  value of $LC_COLLATE: nil
  value of $LC_CTYPE: nil
  value of $LC_MESSAGES: nil
  value of $LC_MONETARY: nil
  value of $LC_NUMERIC: nil
  value of $LC_TIME: nil
  value of $LANG: sve
  locale-coding-system: iso-latin-1
  default-enable-multibyte-characters: t

Recent input:
<return> y <help-echo> <down-mouse-2> <mouse-2> <return> 
q q y <help-echo> <help-echo> <help-echo> <help-echo> 
<help-echo> <help-echo> <help-echo> <help-echo> <help-echo> 
<help-echo> <help-echo> <help-echo> <help-echo> <menu-bar> 
<help-menu> <report-emacs-bug>

Recent messages:
Saving d:/luna/.newsrc.eld...
Saving file d:/luna/.newsrc.eld...
Wrote d:/luna/.newsrc.eld
Saving d:/luna/.newsrc.eld...done
Garbage:  done
Garbage: depth=1 /C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services 
Division/CN=LunaBIT Server CA/address@hidden
Garbage: verify error:num=19:self signed certificate in certificate chain
Garbage: verify return:0
Garbage: read:errno=0
Loading emacsbug...done


-- 
Peter 'Luna' Runestig (fd. Altberg), Sweden <address@hidden>
PGP Key ID: 0xD07BBE13
Fingerprint: 7B5C 1F48 2997 C061 DE4B  42EA CB99 A35C D07B BE13
AOL Instant Messenger Screen name: PRunestig
Yahoo! Messenger profile name: altberg
[Prev in Thread]
Current Thread
[Next in Thread]
Gnus + Cyrus IMAPD + SSL stopped working, Peter 'Luna' Runestig <=
Prev by Date: Recent change of lm-with-file in emacs-lisp/lisp-mnt.el.
Next by Date: Re: (no subject)
Previous by thread: Recent change of lm-with-file in emacs-lisp/lisp-mnt.el.
Next by thread: dired-noselect.
Index(es):
- Date
- Thread