** Bug watch added: Debian Bug tracker #908063 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908063
** Also affects: sylpheed via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908063 Importance: Unknown Status: Unknown ** No longer affects: sylpheed ** Also affects: sylpheed (Debian) via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908063 Importance: Unknown Status: Unknown ** Also affects: sylpheed (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: sylpheed (Ubuntu Eoan) Importance: Undecided Status: Triaged ** Also affects: sylpheed (Ubuntu Disco) Importance: Undecided Status: New ** Description changed: + [impact] + IMAP connection to imap.gmail.com over SSL returns self-signed certificate. Though you can still connect to imap.gmail.com using this certificate, it would be better to fix it to avoid this scary warning (self-signed certificate) and provide a smoother user experience. - Test Case + [Test Case] Create IMAP account for gmail.com in sylpheed. To do this, select "Create new account" from the "Configuration" in the main menu. "New account setup" window will appear. Select "IMAP4 (Gmail)" and follow instructions in that window. After setup is finished check for new email for newly created account. You should get a warning complaining about self-signed certificate. With fixed package, try the same. This time you should not get the warning. + + [regression potential] + + low, as this only sets SNI, however any regression would likely result + in SSL connection failures. + + [other info] + + for Bionic, this is almost certainly a regression caused by the openssl + upgrade to 1.1. + + + --- Original Description -------------------- Problem appeared after upgrading from Ubuntu 18.04 to 18.10. When starting Sylpheed, connecting to imap.gmail.com over SSL, I get a warning embedded in the SSL certificate: "Subject: /OU=No SNI provided; please fix your client./CN=invalid2.invalid " May be related to this bug report about 'fetchmail' in redhat enterprise when it was still using TLSv1.2 instead of TLSv1.3: https://bugzilla.redhat.com/show_bug.cgi?id=1611815 https://gitlab.com/fetchmail/fetchmail/commit/9b8b634312f169fab872f3580c2febe5af031615 ProblemType: Bug DistroRelease: Ubuntu 18.10 Package: sylpheed 3.5.1-1ubuntu3 ProcVersionSignature: Ubuntu 4.18.0-10.11-generic 4.18.12 Uname: Linux 4.18.0-10-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.10-0ubuntu13 Architecture: amd64 CurrentDesktop: XFCE Date: Tue Oct 23 00:27:01 2018 InstallationDate: Installed on 2016-06-05 (869 days ago) InstallationMedia: Xubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1) SourcePackage: sylpheed UpgradeStatus: Upgraded to cosmic on 2018-10-21 (1 days ago) modified.conffile..etc.default.apport: [modified] mtime.conffile..etc.default.apport: 2018-03-20T22:16:27.108498 ** Tags added: regression-update ** Description changed: [impact] IMAP connection to imap.gmail.com over SSL returns self-signed certificate. Though you can still connect to imap.gmail.com using this certificate, it would be better to fix it to avoid this scary warning (self-signed certificate) and provide a smoother user experience. [Test Case] Create IMAP account for gmail.com in sylpheed. To do this, select "Create new account" from the "Configuration" in the main menu. "New account setup" window will appear. Select "IMAP4 (Gmail)" and follow instructions in that window. After setup is finished check for new email for newly created account. You should get a warning complaining about self-signed certificate. With fixed package, try the same. This time you should not get the warning. [regression potential] low, as this only sets SNI, however any regression would likely result in SSL connection failures. [other info] for Bionic, this is almost certainly a regression caused by the openssl upgrade to 1.1. + for Disco and Eoan, this functionality likely has never worked, as we + haven't synced this package from Debian since Bionic. + + Debian does have this patch as noted in the Affects section. --- Original Description -------------------- Problem appeared after upgrading from Ubuntu 18.04 to 18.10. When starting Sylpheed, connecting to imap.gmail.com over SSL, I get a warning embedded in the SSL certificate: "Subject: /OU=No SNI provided; please fix your client./CN=invalid2.invalid " May be related to this bug report about 'fetchmail' in redhat enterprise when it was still using TLSv1.2 instead of TLSv1.3: https://bugzilla.redhat.com/show_bug.cgi?id=1611815 https://gitlab.com/fetchmail/fetchmail/commit/9b8b634312f169fab872f3580c2febe5af031615 ProblemType: Bug DistroRelease: Ubuntu 18.10 Package: sylpheed 3.5.1-1ubuntu3 ProcVersionSignature: Ubuntu 4.18.0-10.11-generic 4.18.12 Uname: Linux 4.18.0-10-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.10-0ubuntu13 Architecture: amd64 CurrentDesktop: XFCE Date: Tue Oct 23 00:27:01 2018 InstallationDate: Installed on 2016-06-05 (869 days ago) InstallationMedia: Xubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1) SourcePackage: sylpheed UpgradeStatus: Upgraded to cosmic on 2018-10-21 (1 days ago) modified.conffile..etc.default.apport: [modified] mtime.conffile..etc.default.apport: 2018-03-20T22:16:27.108498 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1799345 Title: Sypheed not (or no longer) using SNI for SSL connections To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sylpheed/+bug/1799345/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
