Ubuntu
courier package

Upgrade to Gutsy breaks Evolution/Courier SSL communication

Bug #156143 reported by Russel Winder
4
Affects Status Importance Assigned to Milestone
courier (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Yesterday I upgraded my server and workstations and laptops to Gutsy from Feisty. I used do_release_upgrade on the server and Update Manager on the workstations and laptops. After the upgrade Evolution and Courier IMAP SSL no longer talk to each other. I get very large numbers of errors:

Oct 23 06:26:30 dimen imapd-ssl: couriertls: connect: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

I have no idea what the bug actually is but I notice that Evolution uses libssl3-0d whereas Courier IMAP SSL uses libssl.0.9.8 -- I am guessing that there is some sort of incompatibility between the protocols used by the different libraries.

This is a blocker for me since using secured access to IMAP is required.

Thanks.

Revision history for this message
Scott Kitterman (kitterman) wrote : Re: [Bug 156143] Upgrade to Gutsy breaks Evolution/Courier SSL communication

The new version of Courier defaults to SSL v3 only. Apparently Evolution
is using v2. There's a setting to enable both v2 and v3. I need to be at
my desk to look it up, but I'll get it for you in the next few hours.

Revision history for this message
Scott Kitterman (kitterman) wrote :

You can see Bug #150067 for details.

set TLS_PROTOCOL=SSL23 in the config file

Changed in courier:
status: New → Invalid
Revision history for this message
Russel Winder (russel) wrote :

Splendid, that appears to have fixed the problem. Thanks muchly.

Apologies for not searching better and finding the earlier bug report.

Revision history for this message
Scott Kitterman (kitterman) wrote : Re: [Bug 156143] Re: Upgrade to Gutsy breaks Evolution/Courier SSL communication

On Tuesday 23 October 2007 09:27, Russel Winder wrote:
> Splendid, that appears to have fixed the problem. Thanks muchly.
>
> Apologies for not searching better and finding the earlier bug report.

No trouble. It's marked fix released, so it doesn't show up in default
searches.

This is something that really should be documented. If you would be willing,
it'd be very helpful if you could take a look at wiki.ubuntu.com and
help.ubuntu.com and find a place (I think there's some discussion about
Courer already) to add this information so others can find it.

Revision history for this message
Swâmi Petaramesh (swami-petaramesh) wrote :

Upgrading from Feisty to Gutsy completely broke SSL on my system :-(((

- Apache SSL b0rked
- Postifx TLS b0rked
- Courier-IMAP-SSL b0rked

* Sh***t * My server is unusable :-(((

I'll have to check for the fix...

Revision history for this message
Scott Kitterman (kitterman) wrote :

This particular issue (the Courier SSL V2/V3 change) will only affect Courier. I've personally upgraded multiple Postfix servers from Feisty to Gutsy with absolutely no TLS problems.

Revision history for this message
Swâmi Petaramesh (swami-petaramesh) wrote :

Sorry Scott. I guess that seing my server mostly broken on a sundy after a distro upgrade which I expected to go smoothly a bit upset me ;-)

Regarding Apache, a config update of /etc/apache2/ports.conf duplicated the "Listen *:443" that cas already in sites-available/ssl, causing Apache to die at startup if SSL was enabled...

Regarding Postfix, Postfix was not broke... DSPAM was, after the upgrade.

...and the "TLS_PROTOCOL=SSL23" fixed my Courier-IMAP-SSL

Things are going better not, but the upgrade was rather destructive (I upgraded 4 Ubuntu desktops prior to attempting to do it on the server, I wasn't expecting so many little breakages...)

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.