I recently posted a message to the list with details of a problem i am experiencing with Qpopper ver 4.04 with SSL/TLS enabled using Openssl version 0.9.6e It seems like this probelm has been ongoing for the past 2 years but there has been no fix. From my investigations it appears that the the problem may exist in the qpopper implementation of the SSL libraries, hence my posting to both lists, Im kinda desperate now so any help would be apreciated!
details as follows. When downloading files with SSL enabled, we get this error in the logs This is not a chunky write problem as my qpopper configuration file is made up of the following set tls-support = alternate-port set tls-server-cert-file = /etc/mail/certs/cert.pem set chunky-writes = always Various people on the qpopper mailing list seem to have experienced this problem http://www.pensive.org/Mailing_Lists/Archives/Qpopper/Archive-2001-12-20.htm l#[20] and http://www.pensive.org/mailing_lists/Archives/qpopper/Archive-2002-05-30.htm l#[45] But there doesnt seem to be any fix available or explanation as to causes it. Neither is this problem acknowledged in the current Qpopper Faq Aug 15 14:22:52 dogbert qpopper[6684]: I/O Error Aug 15 14:22:52 dogbert qpopper[6684]: Error writing to client Aug 15 14:22:52 dogbert qpopper[6684]: user at m119-mp1.cvx1-a.dialup.com (192.168.1.0): -ERR SIGHUP or SIGPIPE flagged Aug 15 14:22:52 dogbert qpopper[6684]: OpenSSL Error during write Aug 15 14:22:52 dogbert qpopper[6684]: ...SSL error: error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write retry After looking through the archives, i found this When SSL_write is called again after another function, SSL_ERROR_WANT_..., it must get exactly the same buffer because parts of the buffer contents may already have been encrypted and wait in interal buffers while others may not yet have been looked at. What's really important is that buffer *contents* stay the same, but as a sanity check to avoid application bugs the OpenSSL library checks whether the buffer *address* is not changed. This check can be disabled by setting SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER for that SSL object, using SSL_set_mode (or SSL_CTX_set_mode on the SSL_CTX before SSL_new is called). Not being a programmer of any kind i am unable to implement this fix help from you guys would be greatly appreciated
