> fwiw, I'm seeing issues with offlinemap and alpine seemingly as a result of > this bug. > > offlineimap now prints errors like: > Establishing connection to mail.brickies.net:993 > ERROR: While attempting to sync account 'ssm' > [Errno 104] Connection reset by peer
If offlinemap is offlinemap.com (with description "OffMaps: Offline Maps App for iPhone, iPad & iPod Touch"), then it could be Apple's broken SecureTransport *if* the server is running Apple software. The bug is courtesy of a bad ECDHE-ECDSA implementation. See [1] and [2] for details. Apple never published an advisory or credited folks with the bug. So its hard to say what versions of their operating system are affected by the broken SecureTransport. Its believed to affect OS X 10.8 through 10.8.4 or so. Its also believed to affect iOS 7 through iOS 7.4 or so. Its also believed that Apple did not backport the fix, so broken versions of their SecureTransport will remain broken. The OpenSSL folks provided a workaround to the Apple ECDHE-ECDSA bug. But there are two issues with it. First, a developer must "opt-in" by setting SSL_OP_SAFARI_ECDHE_ECDSA_BUG on the context (SSL_CTX object). Second, I'm not sure if SSL_OP_SAFARI_ECDHE_ECDSA_BUG is available in the 1.0.1 branch. [1] http://openssl.6102.n7.nabble.com/openssl-org-3068-PATCH-Safari-broken-ECDHE-ECDSA-workaround-td45432.html [2] http://openssl.6102.n7.nabble.com/Apple-are-apparently-dicks-td45512.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1257877 Title: TLSv1.2 enabling tracker bug To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1257877/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
