Hello,I have managed to debug the problem a bit further. With libssl 1.0.2a I note that the following command gets stuck
openssl s_client -connect imap.some.org:993 it outputs CONNECTED(00000003) and hangs until there’s a timeout.On the other hand, the following command successfully establishes a connection:
openssl s_client -tls1 -connect imap.some.org:993 Part of the output is New, TLSv1/SSLv3, Cipher is RC4-SHA Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiatedConsequently, I tried forcing TLSv1 in mbsync by specifying in ~/.mbsyncrc
UseTLSv1 yes UseTLSv1.1 no UseTLSv1.2 noBut this doesn't seem to change anything, mbsync still gets stuck until there’s a timeout, just like I described in my previous message. This is not actually not surprising, at the above three lines are just mbsync’s defaults.
Finally, I was able to get it to work using the following in ~/.mbsyncrc
IMAPAccount some-remote-account RequireSSL no User myuser Pass secret CertificateFile /home/cwg/14-x509-certs/some.pemTunnel "/usr/bin/openssl s_client -CAfile /home/cwg/14-x509-certs/some.pem -tls1 -connect imap.some.org:993 -quiet"
I still do not understand which part of the software stack is responsible for this issue to which extent: isync, Microsoft’s IMAP server, or OpenSSL. It would be great if someone with understanding could tell me, so that I can report the issue appropriately (not that I see any chances in reporting to Microsoft…).
Thanks Christoph
signature.asc
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ isync-devel mailing list isync-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/isync-devel
