On Tue, May 24, 2022 at 07:45:03PM +0200, Maik wrote:
> On Sun, May 22, 2022 at 09:53:29PM +1200, Avon Robertson wrote:
> > On Sun, May 22, 2022 at 10:15:35AM +1200, Avon Robertson wrote:
> > > On Fri, May 20, 2022 at 10:25:39PM +1200, Avon Robertson wrote:
> > > > On Fri, May 20, 2022 at 10:47:12AM +0200, Theo Buehler wrote:
> > > > > On Fri, May 20, 2022 at 04:08:25PM +1200, Avon Robertson wrote:
> > > > > > I have been unable to fetch mail with mutt on this host using
> > > > > > either the
> > > > > > currently installed snapshot and mutt package, or the snapshot and
> > > > > > mutt
> > > > > > package that had been installed 2-3 days previously.
> > > > > >
> > > > > > I have been able to send mail using mutt in conjuction with msmtp
> > > > > > from
> > > > > > this host.
> > > > > >
> > > > > > mutt's error-history command displays
> > > > > >
> > > > > > Reading /home/aer/var/mail/inbox...
> > > > > > Reading /home/aer/var/mail/inbox... 0
> > > > > > Looking up pop3.xtra.co.nz...
> > > > > > Connecting to pop3.xtra.co.nz...
> > > > > > SSL failed: error:14007086:SSL routines:CONNECT_CR_CERT:certificate
> > > > > > +verify failed
> > > > > > Error connecting to server: pop3.xtra.co.nz
> > > > >
> > > > > There is a good chance that this is a bug I introduced by adding a
> > > > > more
> > > > > stringent check when rewriting ASN1_STRING_to_UTF8(). This can now
> > > > > fail
> > > > > if passed an uninitialized pointer. This bug should be fixed via
> > > > > x509_utl.c r1.3 and a_string.c r1.11 which add initialization and
> > > > > relax
> > > > > the check again.
> > > > >
> > > > > X509_verify_cert()
> > > > > x509_verify()
> > > > > x509_verify_cert_hostname()
> > > > > X509_check_host()
> > > > > do_x509_check()
> > > > > do_check_string()
> > > > > ASN1_STRING_to_UTF8()
> > > > >
> > > > > If this is the problem, you can fix this by checking out very current
> > > > > sources and rebuilding libcrypto
> > > > >
> > > > > cd /usr/src/lib/libcrypto
> > > > > make obj
> > > > > doas make includes
> > > > > make
> > > > > doas make install
> > > > >
> > > > > or you can wait for a new snapshot including this fix and try again.
> > > >
> > > > Thank you for your response Theo. It past my bed time tonight. Tomorrow
> > > > I will do what you have suggested above.
> > > >
> > > > Regards
> > > > --
> > > > aer
> > > >
> > >
> > > The latest snapshot from mirror.aaarnet.edu.au was installed near
> > > midday the following day on the affected host and all packages were
> > > updated. The host was then powered down. Unfortunately, when it was
> > > later powered on I found that the power supply had died and that I would
> > > have to buy a replacement.
> > >
> > > So, this morning one day later, I installed the latest snapshot from
> > > the above mirror on a Dell M6600 laptop and updated all installed
> > > packages. The kernel and mutt versions are now:
> > >
> > > kern.version=OpenBSD 7.1-current (GENERIC.MP) #537: Fri May 20 22:45:40
> > > MDT 2022
> > > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> > >
> > > drwxr-xr-x 2 root wheel 512 May 21 18:41 mutt-2.2.5v3-gpgme-sasl
> > >
> > > Alas, the same mutt error occurs as shown above. Later today if time
> > > permits, else tomorrow; I will build libcrypto on the laptop and see if
> > > this fixes the error.
> > >
> > > Regards
> > > --
> > > aer
> > >
> >
> > The libcrypto build and install as outlined above by Theo was completed
> > without error a few minutes ago on the Dell M6600. It was then rebooted
> > and mutt's G command was invoked to fetch mail from pop3.xtra.co.nz.
> >
> > Sadly the attempt failed and mutt's error-history command displayed the
> > same error as above.
> >
> > So perhaps mutt's fetch-mail error is unrelated to libcrypto's recent
> > bug.
> >
> > Any hints or advice to resolve this issue?
> >
> > Regards
> > --
> > aer
> >
>
> I had a similiar problem recently (though I don't remember the error
> messages so not sure if this will help), in my case I had mutt installed
> without SASL support, you can check with mutt -v | grep sasl and if it
> shows "-sasl" in the output (second line) reinstall a mutt-flavor that
> includes sasl
Thank you for responding Maik.
A few lines above you will see that the installed mutt package is:
mutt-2.2.5v3-gpgme-sasl.
The output of 'mutt -v' includes:
'--with-sasl=/usr/local', '--enable-gpme', and '--with-ssl'.
This matter is still unresolved unfortunatly.
--
aer
