Le 17/04/2013 18:40, Joan Moreau a écrit :
Le 17/04/2013 14:18, Viktor Dukhovni a écrit :
On Wed, Apr 17, 2013 at 07:24:23AM +0000, Joan Moreau wrote:
2013-04-17T09:17:36.573675+02:00 server postfix/smtpd[16725]:
warning: TLS library problem: 16725:error:140D308A:SSL
routines:TLS1_SETUP_KEY_BLOCK:cipher or hash
unavailable:t1_enc.c:597: 2013-04-17T09:17:36.573971+02:00 server
postfix/smtpd[16725]: lost connection after CONNECT from
wana-25-254-12-196.wanamaroc.com[196.12.254.25] Can you help ?
No. Install a fresh O/S image on new hardware and use that as your
mail server. If a fresh install with the default Postfix for the
O/S does not work, come back to the Postfix-users list for help.
You've already consumed a lot of cycles on the Postfix-users list.
Now you are trying the openssl-users list without referencing the
prior long thread which shows your system to be messed up.
Please Viktor, I don't need your insults and mis-behaving and lack of
politeness.
My system is not "messed up", I have thousands of people working with
since ages. Now, i'll appreciate very much some help instead of those
useless attacks.
Reading the mentioned postfix-users thread, it seems Viktor is right,
you messed up with your server, compiling and installing your own
cutting-edge kernels and binaries, without using a package manager, on a
production server.
You may try to locate the libraries that have been used during
compilation, and the ones that are used by your running postfix, and
compare them.
The first answer is to be found somewhere in the compilation logs, the
answer to the second question can be found running the following:
ps faux | grep postfix | awk '{ print $2 }' | xargs -L 1 lsof -p | grep
-E "libcrypto|libssl"
considering that your postfix binary runs under the identity "postfix",
and that you're root (or add a sudo before xargs).
I don't think It's a SHA2 error, as I'm rejected by your server when I
contact it with RC4-SHA (something that is permitted by your ciphersuite
string).
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
