Hi! On 2012-05-26 05:41, Phil Pennock wrote: > Wolfgang's patch fixing my Cyrus SASL mistake is in head. Anyone object > to the next cut being 4.80 instead of RC6? > > If all goes well, I'll cut on Sunday, just to leave tomorrow for finding > any remaining issues.
Sorry, it's me again;-) I had 4.77 running with gnutls but tried 4.80 with openssl 0.9.8x until today.... I've built gnutls 2.12.19 from source. I build exim as before. If I try to connect with thunderbird from Fedora 16 it fails to connect and exim logs: ...(gnutls_handshake): A TLS packet with unexpected length was received. Searching in older Logs my Thunderbird connected with X=TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32 to 4.77 with gnutls. The server uses a self-signed certificate. Same for gnutls-cli or openssl s_client. Both fail to negotiate a TLS session using STARTTLS. gnutls-cli (2.12.14-fc16) fails with *** Starting TLS handshake *** Fatal error: A TLS packet with unexpected length was received. *** Handshake has failed Connecting with openssl s_client shows an extensive amount of 25626 LOG: MAIN PANIC DIE 25626 string_format: unsupported type in "%z" in "tls_do_write(%p, %zu) 25626 " in exim debug output. gnutls-cli -v 255 shows: starttls 220 TLS go ahead *** Starting TLS handshake |<2>| ASSERT: gnutls_constate.c:695 |<4>| REC[0x969a860]: Allocating epoch #1 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA256 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA256 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA256 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA256 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: RSA_AES_128_CBC_SHA256 |<3>| HSK[0x969a860]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: RSA_AES_256_CBC_SHA256 |<3>| HSK[0x969a860]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: RSA_ARCFOUR_SHA1 |<3>| HSK[0x969a860]: Keeping ciphersuite: RSA_ARCFOUR_MD5 |<2>| EXT[0x969a860]: Sending extension SERVER NAME (20 bytes) |<2>| EXT[0x969a860]: Sending extension SAFE RENEGOTIATION (1 bytes) |<2>| EXT[0x969a860]: Sending extension SESSION TICKET (0 bytes) |<2>| EXT[SIGA]: sent signature algo (4.2) DSA-SHA256 |<2>| EXT[SIGA]: sent signature algo (4.1) RSA-SHA256 |<2>| EXT[SIGA]: sent signature algo (2.1) RSA-SHA1 |<2>| EXT[SIGA]: sent signature algo (2.2) DSA-SHA1 |<2>| EXT[0x969a860]: Sending extension SIGNATURE ALGORITHMS (10 bytes) |<3>| HSK[0x969a860]: CLIENT HELLO was sent [140 bytes] |<6>| BUF[HSK]: Inserted 140 bytes of Data |<7>| HWRITE: enqueued 140. Total 140 bytes. |<7>| HWRITE FLUSH: 140 bytes in buffer. |<4>| REC[0x969a860]: Sending Packet[0] Handshake(22) with length: 140 |<7>| WRITE: enqueued 145 bytes for 0x5. Total 145 bytes. |<4>| REC[0x969a860]: Sent Packet[1] Handshake(22) with length: 145 |<7>| HWRITE: wrote 140 bytes, 0 bytes left. |<7>| WRITE FLUSH: 145 bytes in buffer. |<7>| WRITE: wrote 145 bytes, 0 bytes left. |<7>| READ: Got 0 bytes from 0x5 |<7>| READ: read 0 bytes from 0x5 |<2>| ASSERT: gnutls_buffers.c:640 |<2>| ASSERT: gnutls_record.c:969 |<2>| ASSERT: gnutls_handshake.c:2762 |<6>| BUF[HSK]: Cleared Data from buffer *** Fatal error: A TLS packet with unexpected length was received. |<4>| REC: Sending Alert[2|22] - Record overflow |<4>| REC[0x969a860]: Sending Packet[1] Alert(21) with length: 2 |<7>| WRITE: enqueued 7 bytes for 0x5. Total 7 bytes. |<7>| WRITE FLUSH: 7 bytes in buffer. |<7>| WRITE: wrote 7 bytes, 0 bytes left. |<4>| REC[0x969a860]: Sent Packet[2] Alert(21) with length: 7 *** Handshake has failed Am I doing something terrible wrong? Greetings, Wolfgang -- Wolfgang Breyha <[email protected]> | http://www.blafasel.at/ Vienna University Computer Center | Austria -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
