On 26/10/17 13:28, Kadlecsik József wrote: > Hi, > > On Thu, 26 Oct 2017, Matt Caswell wrote: > >>> Oct 20 18:50:05 mail2 dovecot: imap-login: Debug: SSL error: SSL_read() >>> failed: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init >>> >>> The openssl package is 1.1.0f-3. >>> >>> The error messsage is total cryptic to me: how could three states be >>> intermixed? >>> >>> I think it's a dovecot issue about how the openssl library is used but I'm >>> unfamiliar with the details of the openssl library: what function, macro >>> is used incorrectly then, at which state? >> >> SSL_shutdown() is used to shut down an SSL/TLS connection that has >> already been established (meaning that the SSL/TLS handshake has >> completed and we are ready to send/receive application data). If you >> call SSL_shutdown() while the handshake is still in progress then you >> get the "shutdown while in init" error message. > > But why SSL_read() failed with this error message? That I can't explain since SSL_read() does not call SSL_shutdown(). Plausibly if SSL_read() fails (e.g. because the underlying TCP connection died) then dovecot could call SSL_shutdown() immediately even if it's still not completed the handshake. Then dovecot reports the SSL_read() failure along with the error message from the subsequent attempt to shutdown the connection. Just a theory. Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
