Bug#944191: mutt: Mutt Fails GNU TLS Handshake
On Wed, Nov 13, 2019 at 06:39:01AM +, Antonio Radici wrote: > On Tue, Nov 12, 2019 at 12:18:14PM -0600, David Engel wrote: > > On Sat, Nov 09, 2019 at 05:52:59PM +, Antonio Radici wrote: > > > On Tue, Nov 05, 2019 at 10:23:25AM -0600, David Engel wrote: > > > > Package: mutt > > > > Version: 1.12.2-1 > > > > Severity: normal > > > > > > > > Beginning with version 1.12.2-1, Mutt fails GNU TLS handshake with the > > > > following error when connecting to an MS Exchange server: > > > > > > > > gnutls_handshake: A packet with illegal or unsupported version was > > > > received. > > > > > > > > The problem does not exist with Mutt version 1.10.1-2.1. > > > > > > > > > > Is this pop3 or imap or smtp? > > > > Imap. > > > > > Could you include the muttdebug file which is obtained by using the debug > > > option > > > with mutt? be aware that your personal information (including password) > > > might be > > > there, so please remove that before attaching it to the bug. > > > > .muttdebug0 from running with -d2 is attached. It doesn't appear to > > be of much help. > > Do you know which version of TLS your imap server is using? > be aware that version < 1.2 are not supported and you will have to enable them > on .muttrc explicitely if you need them (see man muttrc, look for > 'ssl_use_tlsv1' > and 'ssl_use_tlsv1_1' Our Exchange server is using TLS 1.0. The debug output from neomutt, which still worked, confirmed it. Enabling ssl_use_tlsv1 allows the new mutt to work too. Thanks. I'm going to go talk to our IT guy now. He recently had to rebuild our Exchange server and probably didn't know or forgot to upgrade something. David -- David Engel Intrusion, Inc. den...@intrusion.com
Bug#944191: mutt: Mutt Fails GNU TLS Handshake
On Tue, Nov 12, 2019 at 12:18:14PM -0600, David Engel wrote: > On Sat, Nov 09, 2019 at 05:52:59PM +, Antonio Radici wrote: > > On Tue, Nov 05, 2019 at 10:23:25AM -0600, David Engel wrote: > > > Package: mutt > > > Version: 1.12.2-1 > > > Severity: normal > > > > > > Beginning with version 1.12.2-1, Mutt fails GNU TLS handshake with the > > > following error when connecting to an MS Exchange server: > > > > > > gnutls_handshake: A packet with illegal or unsupported version was > > > received. > > > > > > The problem does not exist with Mutt version 1.10.1-2.1. > > > > > > > Is this pop3 or imap or smtp? > > Imap. > > > Could you include the muttdebug file which is obtained by using the debug > > option > > with mutt? be aware that your personal information (including password) > > might be > > there, so please remove that before attaching it to the bug. > > .muttdebug0 from running with -d2 is attached. It doesn't appear to > be of much help. Do you know which version of TLS your imap server is using? be aware that version < 1.2 are not supported and you will have to enable them on .muttrc explicitely if you need them (see man muttrc, look for 'ssl_use_tlsv1' and 'ssl_use_tlsv1_1'
Bug#944191: mutt: Mutt Fails GNU TLS Handshake
On Sat, Nov 09, 2019 at 05:52:59PM +, Antonio Radici wrote: > On Tue, Nov 05, 2019 at 10:23:25AM -0600, David Engel wrote: > > Package: mutt > > Version: 1.12.2-1 > > Severity: normal > > > > Beginning with version 1.12.2-1, Mutt fails GNU TLS handshake with the > > following error when connecting to an MS Exchange server: > > > > gnutls_handshake: A packet with illegal or unsupported version was received. > > > > The problem does not exist with Mutt version 1.10.1-2.1. > > > > Is this pop3 or imap or smtp? Imap. > Could you include the muttdebug file which is obtained by using the debug > option > with mutt? be aware that your personal information (including password) might > be > there, so please remove that before attaching it to the bug. .muttdebug0 from running with -d2 is attached. It doesn't appear to be of much help. David -- David Engel Intrusion, Inc. den...@intrusion.com [2019-11-12 12:09:15] Mutt/1.12.2 (2019-09-21) debugging at level 2 [2019-11-12 12:09:15] In mutt_reflow_windows [2019-11-12 12:09:15] In mutt_reflow_windows [2019-11-12 12:09:15] In mutt_reflow_windows [2019-11-12 12:09:15] In mutt_reflow_windows [2019-11-12 12:09:15] Reading configuration file '/etc/Muttrc'. [2019-11-12 12:09:15] Reading configuration file '/usr/lib/mutt/source-muttrc.d|'. [2019-11-12 12:09:15] Reading configuration file '/etc/Muttrc.d/charset.rc'. [2019-11-12 12:09:15] Reading configuration file '/etc/Muttrc.d/colors.rc'. [2019-11-12 12:09:15] Reading configuration file '/etc/Muttrc.d/compressed-folders.rc'. [2019-11-12 12:09:15] Reading configuration file '/etc/Muttrc.d/gpg.rc'. [2019-11-12 12:09:15] Reading configuration file '/etc/Muttrc.d/htmail-view.rc'. [2019-11-12 12:09:15] Reading configuration file '/etc/Muttrc.d/smime.rc'. [2019-11-12 12:09:15] Reading configuration file '/home/david/.mutt/muttrc'. [2019-11-12 12:09:15] In mutt_reflow_windows [2019-11-12 12:09:15] Reading configuration file '/home/david/.aliases'. [2019-11-12 12:09:15] Reading imaps://den...@supernova.intrusion.com/... [2019-11-12 12:09:15] Looking up supernova.intrusion.com... [2019-11-12 12:09:15] Connecting to supernova.intrusion.com... [2019-11-12 12:09:15] gnutls_handshake: A packet with illegal or unsupported version was received. [2019-11-12 12:09:17] Connected to supernova.intrusion.com:993 on fd=4 [2019-11-12 12:09:19] Closing connection to supernova.intrusion.com... [2019-11-12 12:09:19] 4> a LOGOUT [2019-11-12 12:09:19] Error: no TLS socket open [2019-11-12 12:09:21] mutt_socket_write: error writing (No such file or directory), closing socket [2019-11-12 12:09:21] mutt_socket_readchar: attempt to read from closed connection. [2019-11-12 12:09:21] imap_cmd_step: Error reading server response. [2019-11-12 12:09:21] mutt_socket_close: Attempt to close closed connection. [2019-11-12 12:09:21] mutt_buffer_pool_free: 5 of 5 returned to pool
Bug#944191: mutt: Mutt Fails GNU TLS Handshake
On Tue, Nov 05, 2019 at 10:23:25AM -0600, David Engel wrote: > Package: mutt > Version: 1.12.2-1 > Severity: normal > > Beginning with version 1.12.2-1, Mutt fails GNU TLS handshake with the > following error when connecting to an MS Exchange server: > > gnutls_handshake: A packet with illegal or unsupported version was received. > > The problem does not exist with Mutt version 1.10.1-2.1. > Is this pop3 or imap or smtp? Could you include the muttdebug file which is obtained by using the debug option with mutt? be aware that your personal information (including password) might be there, so please remove that before attaching it to the bug.
Bug#944191: mutt: Mutt Fails GNU TLS Handshake
Package: mutt Version: 1.12.2-1 Severity: normal Beginning with version 1.12.2-1, Mutt fails GNU TLS handshake with the following error when connecting to an MS Exchange server: gnutls_handshake: A packet with illegal or unsupported version was received. The problem does not exist with Mutt version 1.10.1-2.1. -- Package-specific info: Mutt 1.12.2 (2019-09-21) Copyright (C) 1996-2016 Michael R. Elkins and others. Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'. Mutt is free software, and you are welcome to redistribute it under certain conditions; type `mutt -vv' for details. System: Linux 5.2.0-3-amd64 (x86_64) ncurses: ncurses 6.1.20191019 (compiled with 6.1) libidn: 1.33 (compiled with 1.33) hcache backend: tokyocabinet 1.4.48 Compiler: Using built-in specs. COLLECT_GCC=gcc COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/9/lto-wrapper OFFLOAD_TARGET_NAMES=nvptx-none:hsa OFFLOAD_TARGET_DEFAULT=1 Target: x86_64-linux-gnu Configured with: ../src/configure -v --with-pkgversion='Debian 9.2.1-12' --with-bugurl=file:///usr/share/doc/gcc-9/README.Bugs --enable-languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++,gm2 --prefix=/usr --with-gcc-major-version-only --program-suffix=-9 --program-prefix=x86_64-linux-gnu- --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --enable-bootstrap --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-plugin --enable-default-pie --with-system-zlib --with-target-system-zlib=auto --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-offload-targets=nvptx-none,hsa --without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu Thread model: posix gcc version 9.2.1 20191022 (Debian 9.2.1-12) Configure options: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=\${prefix}/include' '--mandir=\${prefix}/share/man' '--infodir=\${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=\${prefix}/lib/x86_64-linux-gnu' '--libexecdir=\${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--disable-dependency-tracking' '--with-mailpath=/var/mail' '--enable-compressed' '--enable-debug' '--enable-fcntl' '--enable-hcache' '--enable-gpgme' '--enable-imap' '--enable-smtp' '--enable-pop' '--enable-sidebar' '--enable-nntp' '--enable-dotlock' '--disable-fmemopen' '--with-curses' '--with-gnutls' '--with-gss' '--with-idn' '--with-mixmaster' '--with-sasl' '--without-gdbm' '--without-bdb' '--without-qdbm' '--with-tokyocabinet' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/mutt-jb849v/mutt-1.12.2=. -fstack-protector-strong -Wformat -Werror=format-security' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' Compilation CFLAGS: -Wall -pedantic -Wno-long-long -g -O2 -fdebug-prefix-map=/build/mutt-jb849v/mutt-1.12.2=. -fstack-protector-strong -Wformat -Werror=format-security Compile options: -DOMAIN +DEBUG -HOMESPOOL +USE_SETGID +USE_DOTLOCK +DL_STANDALONE +USE_FCNTL -USE_FLOCK +USE_POP +USE_IMAP +USE_SMTP -USE_SSL_OPENSSL +USE_SSL_GNUTLS +USE_SASL +USE_GSS +HAVE_GETADDRINFO +HAVE_REGCOMP -USE_GNU_REGEX +HAVE_COLOR +HAVE_START_COLOR +HAVE_TYPEAHEAD +HAVE_BKGDSET +HAVE_CURS_SET +HAVE_META +HAVE_RESIZETERM +HAVE_FUTIMENS +CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME -EXACT_ADDRESS -SUN_ATTACHMENT +ENABLE_NLS -LOCALES_HACK +HAVE_WC_FUNCS +HAVE_LANGINFO_CODESET +HAVE_LANGINFO_YESEXPR +HAVE_ICONV -ICONV_NONTRANS +HAVE_LIBIDN -HAVE_LIBIDN2 +HAVE_GETSID +USE_HCACHE +USE_SIDEBAR +USE_COMPRESSED +USE_INOTIFY -ISPELL SENDMAIL="/usr/sbin/sendmail" MAILPATH="/var/mail" PKGDATADIR="/usr/share/mutt" SYSCONFDIR="/etc" EXECSHELL="/bin/sh" MIXMASTER="mixmaster" To contact the developers, please mail to . To report a bug, please contact the Mutt maintainers via gitlab: https://gitlab.com/muttmua/mutt/issues -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (900, 'testing'), (100, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.2.0-3-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages mutt depends on: ii libc6 2.29-2 ii libgnutls30 3.6.10-4 ii libgpg-error0 1.36-7 ii libgpgme111.13.1-1 ii