The sylpheed mailer uses SSLv23_client_method to establish the imap/smtp
connections. My mailserver seems to understand only SSLv3. If I connect
manually using the commandline client, sslv2 fails while sslv3 seems to

The sslv2 output is as follows:
$ openssl s_client -ssl2 -connect
139651264628368:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake
no peer certificate available
No client certificate CA names sent
SSL handshake has read 7 bytes and written 48 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
    Protocol  : SSLv2
    Cipher    : 0000
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1389010802
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)

If I use -ssl3, the connection is established correctly. Sylpheed
however, which uses  SSL_CTX_new(SSLv23_client_method()) fails with 

SSL_connect() failed with error 1, ret = -1 (error:14077410:SSL
routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure)

I would like to tell openssl to enforce sslv3 only for that host as a
temporary workaround, is it possible to globally configure openssl in
that way or would I have to patch sylpheed until the issue is resolved?

Best regards

OpenSSL Project                       
Development Mailing List             
Automated List Manager                 

Reply via email to