Cyrus Daboo wrote:
>
> --On Wednesday, January 10, 2001 10:51 AM -0500 Jerry Kendall
> <[EMAIL PROTECTED]> wrote:
>
> > When I try to access using TLS I am having some dificulty.
> > My imapd.log file when I connect using Mulbery from Cyrusoft.com:
> > =====
> > Jan 10 11:01:46 gw imapd[1916]: starttls: TLSv1 with cipher DES-CBC3-SHA
> > (168/168 bits) no authentication
> > Jan 10 11:01:52 gw imapd[1916]: PROTERR: Connection reset by peer
> > =====
>
> Hi Jerry,
> Looking at your imtest log shows that there is a server problem:
> the CAPABILITY command being issued after STARTTLS is being rejected by the
> server. This will cause Mulberry to display an error and shut down its
> connection.
>
> I did a test with Mulberry from here against the server address listed in
> the log and saw the same problem.
>
> I'm not sure why the server is refusing CAPABILITY after STARTTLS - it
> really shouldn't as clients are required to re-issue CAPABILITY after
> STARTTLS to make sure they have a legitimate set of authenticators and
> other capability items listed after the secure connection has been created.
>
> Hopefully one of the server experts on this list can explain what is
> causing this and how to fix it.
Not that I consider myself an expert, but this is a bug in 1.6.22. The
server should be upgraded to 1.6.24 or higher, OR apply the following
patch:
*** imapd.c 2000/01/06 22:42:23 1.198
--- imapd.c 2000/05/13 03:54:40 1.198.2.1
***************
*** 1017,1023 ****
continue;
}
cmd_starttls(tag.s);
!
} else if (!imapd_userid) {
goto nologin;
}
--- 1017,1023 ----
continue;
}
cmd_starttls(tag.s);
! continue;
} else if (!imapd_userid) {
goto nologin;
}
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
