Re: TLS not working with iOS beta?

Henrik Johansson via dovecot Sun, 08 Sep 2019 02:44:34 -0700


> On 4 Sep 2019, at 21:35, Jean-Daniel <[email protected]> wrote:
> 
> Just a wild guess as I didn’t try to configure Mail on Catalina yet, but it 
> looks like your server only supports ‘DHE-RSA…’ ciphers.
> I think that modern systems prefers using ECDHE key exchange and would not be 
> surprise if iOS requires it.
>


Well I got the OpenSSL parts working now, but newer versions still refuses to 
work after establishing with ECDHE, I just get no login attempts and no user:

imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, 
rip=55.66.77.88, lip=11.22.33.44, TLS, TLSv1.2 with cipher 
ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)

Regards
Henrik



Non working iOS 13

Sep 08 11:25:47 auth: Debug: auth client connected (pid=23934)
SeSep 08 11:25:47 auth: Debug: auth client connected (pid=23934)p 08 11:25:47 
imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x10, ret=1: before/accept 
initialization
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept 
initialization
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept 
initialization
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read 
client hello A
SeSep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read 
client hello A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client 
hello A
SSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client 
hello A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server 
hello A
SSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write 
server hello A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write 
certificate A
SSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write 
certificate A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key 
exchange A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key 
exchange A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server 
done A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client 
certificate A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client 
key exchange A
Sep 08 11:25:47 imap-login: Debug: SSL: whereSep 08 11:25:47 imap-login: Debug: 
SSL: where=0x2001, ret=1: SSLv3 write server done A =0x2002,Sep 08 11:25:47 
imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client 
certificate A
Debug: SSL: where=0x2001, ret=1: SSLv3 flush data
Sep 08 1Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 
read client key exchange A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client 
key exchange A
1:25Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read 
client key exchange A
:Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read 
client key exchange A
4Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client 
key exchange A
11:25:47 imap-login: Debug: SSL alert: close notify
Sep 08 11:Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 
read certificate verify A
25Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read 
finished A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write change 
cipher spec A
:47 Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write 
finished A
iSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data
map-Sep 08 11:25:47 imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation 
finished successfully
SSLv3 write key exchange A
Sep 08 11:24:09 imap-login: Debug: SSL: wherSep 08 11:25:47 imap-login: Debug: 
SSL: where=0x2002, ret=1: SSL negotiation finished successfully e=0x2001, 
ret=1:Sep 08 11:25:47 imap-login: Debug: SSL alert: close notify
Sep 08 11:25:47 imap-login: Info: Aborted login (no auth attempts in 0 secs): 
user=<>, rip=55.66.77.88, lip=11.22.33.44, TLS, TLSv1.2 with cipher 
ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits), session=<fU+qvQeSGTJb6jE9>
SSLvSep 08 11:25:47 imap-login: Debug: SSL alert: close notify


Working MacOS  10.14.6

Sep 08 11:24:09 auth: Debug: auth client connected (pid=23912)
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x10, ret=1: before/accept 
initialization
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept 
initialization
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read 
client hello A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client 
hello A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server 
hello A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write 
certificate A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key 
exchange A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server 
done A
ep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client 
key exchange A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client 
key exchange A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, reSep 08 11:24:09 
imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client 
certificate A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client 
key exchange A
ep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client 
key exchange A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client 
key exchange A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client 
key exchange A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client 
key exchange A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read 
certificate verify A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read 
finished A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read 
finished A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write change 
cipher spec A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write 
finished A
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation 
finished successfully
Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation 
finished successfully

Re: TLS not working with iOS beta?

Reply via email to