On Sun 2018-11-04 11:26:26 +1100, Dmitry Smirnov wrote: > Package: getmail > Version: 5.6-1 > Severity: normal > > getmail no longer works after dist-upgrade to Buster: > > ~~~~ > SimplePOP3SSLRetriever:{USER}@iinet.net...@mail.iinet.net.au:995: > {USER}@iinet.net.au: socket error ([SSL: WRONG_SIGNATURE_TYPE] wrong > signature type (_ssl.c:726)) > ~~~~ > > I tried version 5.7-3 from "unstable" but it fails in the same way...
The problem here is with the behavior of the remote server, so i'm closing this bug report. If you think my analysis below is wrong, feel free to reopen the bug report and explain why! You can replicate the failure on buster with: openssl s_client -connect mail.iinet.net.au:993 In particular, the client is offering in its TLS 1.2 ClientHello a "signature_algorithms" extension that does *not* list rsa_pkcs1_sha1 (0x0201) -- but the server goes ahead and uses that particular signature algorithm in its ServerKeyExchange method. The reason this is excluded is that OpenSSL 1.1.1 is more aggressive about deprecating known-weak cryptographic algorithsm, and in 2018 that includes SHA1. I actually can't even get openssl to offer to accept SHA1 any longer, and that's good :) openssl s_client -sigalgs RSA+SHA1:RSA+SHA256 -connect mail.iinet.net.au:993 only offers Signature Algorithm: rsa_pkcs1_sha256 (0x0401), despite having listed RSA+SHA1! However, you can see the same misbehavior by the server with gnutls-cli, depending on whether you ask it to accept SHA1 signatures or not. compare this failing command: gnutls-cli --priority=NORMAL:-SIGN-RSA-SHA1 mail.iinet.net.au:995 with this succeeding command: gnutls-cli --priority=NORMAL:+SIGN-RSA-SHA1 mail.iinet.net.au:995 So the server operator is offering TLS 1.2 without respecting the client's signature_algorithms extension. Feel free to forward this report to the server operator. And they are welcome to follow up here (whether or not we reopen the bug report) if they want to ask questions or suggest clarifications. Regards, --dkg
signature.asc
Description: PGP signature