This is fixed! I built OpenSSL 0.9.8j on a whim and noticed it fixed a bizarre problem with OpenSSH 5.1p1 that I was working on in a pre-production environment. We were using an older 0.9.8 rev prior to this. I then did a 'make clean; make; sudo make install' in my cyrus-sasl source tree (which links against the static openssl libs), and did the same for the cyrus-imapd tree. Beats me! Jan 21 15:10:20 imapsrv imap[9928]: [ID 574029 local6.debug] SSL_accept() incomplete -> wait Jan 21 15:10:20 imapsrv imap[9928]: [ID 867439 local6.debug] SSL_accept() succeeded -> done Jan 21 15:10:20 imapsrv imap[9928]: [ID 379946 local6.notice] starttls: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits new) no authentication Jan 21 15:10:20 imapsrv imap[9928]: [ID 529592 local6.notice] login: myclient.our.com [xx.xx.6.52] jblaine plain+TLS User logged in Wesley Craig wrote: > On 21 Jan 2009, at 12:41, Jeff Blaine wrote: >> FWIW, Thunderbird with SSL on port 993 pops up a box saying >> incorrect Message authentication code. I forgot to mention >> that. > > That's interesting. What platform are you running this on? What > compiler did you use to build openssl? What optimization flags did you > use? (You might try building openssl with reduced optimization and see > what results you get.) > > :wes > ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
