https://bugs.exim.org/show_bug.cgi?id=2255
Bug ID: 2255
Summary: TLS/SSL issue after upgrading to 4.90
Product: Exim
Version: 4.90
Hardware: x86
OS: FreeBSD
Status: NEW
Severity: bug
Priority: medium
Component: TLS
Assignee: jgh146...@wizmail.org
Reporter: exim....@mx.zzux.com
CC: exim-dev@exim.org

After Exim upgrade to 4.90_1 Outlook Express cannot send at first attempt (neither via TLS, nor via SSL). Immediate second attempt is always successful.

This issue appears only when OE is first connected to an IMAPS server with the same hostname as Exim. Maybe OE is using some cached data which Exim rejects?

If I downgrade to 4.89 then the error disappears.

First attempt log:

15:45:27.695 6120 SMTP<< STARTTLS
15:45:27.695 6120 setting SSL CTX options: 0x1104000
15:45:27.695 6120 Diffie-Hellman initialized from default with 2048-bit prime
15:45:27.695 6120 ECDH OpenSSL 1.0.2+ temp key parameter settings: autoselection
15:45:27.695 6120 tls_certificate file /data/mail//ssl/exim.crt
15:45:27.695 6120 tls_privatekey file /data/mail//ssl/exim.key
15:45:27.695 6120 Initialized TLS
15:45:27.695 6120 host in tls_verify_hosts? no (option unset)
15:45:27.695 6120 host in tls_try_verify_hosts? no (option unset)
15:45:27.695 6120 SMTP>> 220 TLS go ahead
15:45:27.696 6120 Calling SSL_accept
15:45:27.696 6120 SSL info: before/accept initialization
15:45:27.696 6120 SSL info: before/accept initialization
15:45:27.696 6120 SSL info: SSLv3 read client hello A
15:45:27.696 6120 SSL info: SSLv3 write server hello A
15:45:27.696 6120 SSL info: SSLv3 write certificate A
15:45:27.696 6120 SSL info: SSLv3 write server done A
15:45:27.696 6120 SSL info: SSLv3 flush data
15:45:27.696 6120 SSL info: SSLv3 read client certificate A
15:45:27.703 6120 SSL info: SSLv3 read client key exchange A
15:45:27.703 6120 LOG: MAIN
15:45:27.703 6120 TLS error on connection from (oemail121231) [192.168.232.195]:2015 I=[192.168.232.244]:587 (SSL_accept): error:00000000:lib(0):func(0):reason(0)

Successful attempt log:

15:48:04.336 6140 SMTP<< STARTTLS
15:48:04.337 6140 setting SSL CTX options: 0x1104000
15:48:04.337 6140 Diffie-Hellman initialized from default with 2048-bit prime
15:48:04.337 6140 ECDH OpenSSL 1.0.2+ temp key parameter settings: autoselection
15:48:04.337 6140 tls_certificate file /data/mail//ssl/exim.crt
15:48:04.337 6140 tls_privatekey file /data/mail//ssl/exim.key
15:48:04.337 6140 Initialized TLS
15:48:04.337 6140 host in tls_verify_hosts? no (option unset)
15:48:04.337 6140 host in tls_try_verify_hosts? no (option unset)
15:48:04.337 6140 SMTP>> 220 TLS go ahead
15:48:04.337 6140 Calling SSL_accept
15:48:04.337 6140 SSL info: before/accept initialization
15:48:04.337 6140 SSL info: before/accept initialization
15:48:04.338 6140 SSL info: SSLv3 read client hello A
15:48:04.338 6140 SSL info: SSLv3 write server hello A
15:48:04.338 6140 SSL info: SSLv3 write certificate A
15:48:04.338 6140 SSL info: SSLv3 write server done A
15:48:04.339 6140 SSL info: SSLv3 flush data
15:48:04.339 6140 SSL info: SSLv3 read client certificate A
15:48:04.384 6140 SSL info: SSLv3 read client key exchange A
15:48:04.384 6140 SSL info: SSLv3 read certificate verify A
15:48:04.384 6140 SSL info: SSLv3 read finished A
15:48:04.384 6140 SSL info: SSLv3 write change cipher spec A
15:48:04.384 6140 SSL info: SSLv3 write finished A
15:48:04.384 6140 SSL info: SSLv3 flush data
15:48:04.384 6140 SSL info: SSL negotiation finished successfully
15:48:04.384 6140 SSL info: SSL negotiation finished successfully
15:48:04.384 6140 SSL_accept was successful
15:48:04.384 6140 Cipher: TLSv1:RC4-MD5:128
15:48:04.384 6140 Shared ciphers: RC4-MD5:RC4-SHA:DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA
15:48:04.384 6140 sender_fullhost = [192.168.232.195]:2017
15:48:04.384 6140 sender_rcvhost = [192.168.232.195] (port=2017)
15:48:04.384 6140 set_process_info: 6140 handling incoming TLS connection from [192.168.232.195]:2017 I=[192.168.232.244]:587
15:48:04.384 6140 TLS active
15:48:04.384 6140 Calling SSL_read(0x28840600, 0x28845000, 4096)
15:48:04.385 6140 SMTP<< EHLO oemail121231