[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 Jeremy Harris changed: What|Removed |Added Status|ASSIGNED|RESOLVED

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #29 from Serg --- Just for feedback, Last changes in tls-openssl.c (Comment 27) was successfully for us. Problems with our client-soft was solved. Thank you for all your work. -- You are receiving this mail because: You

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 Marcin Gryszkalis changed: What|Removed |Added CC||m...@fork.pl --- Comment #28

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 Git Commit changed: What|Removed |Added CC||g...@exim.org --- Comment #27 from

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #26 from exim@mx.zzux.com --- As I see, there is four ways to avoid send error: 1 Stop using SSL/TLS at all :) 2 Set different hostnames for IMAP and SMTP 3 Change client software 4 Remove code part as described

Re: [exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

> On Apr 4, 2018, at 2:35 PM, admin--- via Exim-dev wrote: > > We are ready to attach any dumps of exim debug or wireshark if it's necessary. A "tshark" decode of the TLS handshake (text is better than screenshots) would be most useful, one where the session cache mode is

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #25 from Serg --- I agree, but at this moment they are stopped supporting of substantial part of their mail-clients (like Outlook Express, Windows Live 2009,2012, MS Office Outlook 2003, 2007). Thats will be their answer i

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #24 from Jeremy Harris --- I guess the other question that ought to be asked is: has the problem been described to Microsoft, and what answer did they give? -- You are receiving this mail because: You are on the CC

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #23 from Serg --- Yes, of course, we saw the difference between "old" and "new" version of tls-openssl.c. Patch replace line "(void) SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);" to this construction: #ifdef

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #22 from Phil Pennock --- But the patch removes that line, so if you applied the patch then that line is no longer present. The patch replaces that line with one which leaves session cache negotiation enabled (AIUI) but

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #21 from Serg --- P.S. The method which is described in Comment 13 - removing line of disabling session cache from tls-openssl.c: "(void) SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); " in our case was

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #20 from Serg --- Thanks for feedback (and for all another work) to developers. Hurry to talk about our results. Sadly, but in our case we don,t get a progress in problem decision. Steps on CentOS 7.4: 1. Download sources

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #19 from Phil Pennock --- Patch looks sane to me. Folks who have experienced problems: can you please try this patch and report back as to whether or not it addresses the problems? -- You are receiving this mail because:

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 Jeremy Harris changed: What|Removed |Added Status|NEW |ASSIGNED -- You are

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #18 from Jeremy Harris --- Created attachment 1080 --> https://bugs.exim.org/attachment.cgi?id=1080=edit set no internal session cache -- You are receiving this mail because: You are on the CC list for the bug. --

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 Phil Pennock changed: What|Removed |Added CC||p...@exim.org --- Comment #16

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #17 from Phil Pennock --- Re forward secrecy: we don't support configuring an encryption key for session tickets, so it's all going to be session caching. If we disable use of the internal session store, and don't configure

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #15 from Jeremy Harris --- Background: the coding in Exim was changed as a result of this conversation: https://lists.exim.org/lurker/message/20170329.184757.37924032.en.html -- You are receiving this mail because:

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #14 from Jeremy Harris --- (In reply to Serg from comment #13) > So, which ways we have now? Try to find out how to tell Outlook not to try to use session caching against the SMTP target (more particularly, not to

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 Serg changed: What|Removed |Added CC||s8...@yandex.ru --- Comment #13 from

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #12 from exim@mx.zzux.com --- I have removed next lines /* Disable session cache unconditionally */ (void) SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); of file 'tls-openssl.c' and then Exim was recompiled. It was solved

Re: [exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

> On Mar 13, 2018, at 12:55 PM, admin--- via Exim-dev wrote: > > You would have to set NO_TICKET on the IMAP server, not > Exim. > > What you could try, although I do not know whether it works, > is to set -no_ticket in Exim, thus disabling the disabling of > tickets.

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #11 from exim@mx.zzux.com --- A day before writing this topic I was trying various combinations of "openssl_options" in Exim config, most of them were with no effect except few of them, when SSL/TLS was unavailable at all. Now I've added

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #10 from Thorsten --- You would have to set NO_TICKET on the IMAP server, not Exim. What you could try, although I do not know whether it works, is to set -no_ticket in Exim, thus disabling the disabling of

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #8 from Jeremy Harris --- Also, given comment 5, you could try setting a nondefault openssl_options. Before 7006ee24ec it was "+no_sslv2 +single_dh_use". After: "+no_sslv2 +single_dh_use +no_ticket" -- You are

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #7 from Jeremy Harris --- It might be a good idea to ask the OpenSSL mailing list: openssl-users.openssl.org -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 tomputer changed: What|Removed |Added CC||e...@tomputer.nl --- Comment #6

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 Thorsten changed: What|Removed |Added CC||thorsten.ha...@freenet.ag

Re: [exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

> On Mar 12, 2018, at 2:03 PM, admin--- via Exim-dev wrote: > > I was found differences between failure and success on 4.90_1 and 4.89. > But I'm absolutely puzzled how to copy readable packet description from > Wireshark to clipboard. There's an example of how to do this

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #4 from exim@mx.zzux.com --- I was found differences between failure and success on 4.90_1 and 4.89. But I'm absolutely puzzled how to copy readable packet description from Wireshark to clipboard. Exim 4.90 is missing SessionId in server

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #3 from Jeremy Harris --- Either side is fine for this. -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #2 from exim@mx.zzux.com --- The both logs are on 4.90_1. Where I must to catch traffic with Wireshark - on the Windows side? -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at

[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

https://bugs.exim.org/show_bug.cgi?id=2255 --- Comment #1 from Jeremy Harris --- We don't have particularly good insight into what the SSL libraries do (though I'm concerned that you managed to negotiate such a weak cipher). Was the working conn you show using 4.89 or