Your message dated Sun, 02 Nov 2014 09:35:16 +0000
with message-id <[email protected]>
and subject line Bug#759259: fixed in wmbiff 0.4.27-2.3
has caused the Debian Bug report #759259,
regarding wmbiff: Can't connect to dovecot with self-signed certificate
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
759259: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759259
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: wmbiff
Version: 0.4.27-2.2
Severity: important
Dear Developers,
The recent NMU breaks wmbiff for me. I'm trying to connect to a dovecot
running on a wheezy server, IMAPS with a self-signed certificate.
This is the log I get with wmbiff -skip-certificate-check -debug:
[removed]
wmbiff uses gnutls for TLS/SSL encryption support:
If you distribute software that uses gnutls, don't forget
to warn the users of your software that gnutls is at a
testing phase and may be totally insecure.
Consider yourself warned.
[removed]
wmbiff: looking for /usr/share/wmbiff/skins/wmbiff-master-led.xpm
wmbiff: found /usr/share/wmbiff/skins/wmbiff-master-led.xpm
wmbiff: running 10 mailboxes w 64 h 119
wmbiff/PRIV : working on [0].label=>PRIV :< [0].path=>Privat<
wmbiff/PRIV : curtime=1408982048, prevtime=0, interval=50
wmbiff/PRIV : imap4: Need new connection to [user removed]@[host removed]
wmbiff/PRIV : comm: certificate passed time check.
wmbiff/PRIV : comm: server's certificate (O=Dovecot mail
server,OU=localhost,CN=localhost,EMAIL=root@[host removed]) does not match its
hostname (mail.[host removed]).
wmbiff/PRIV : comm: server's certificate does not match its hostname.
wmbiff/PRIV : comm: certificate check ok.
wmbiff/PRIV : comm: mail.[host removed]:993: Handshake was completed
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
# The hostname in the certificate does NOT match 'mail.[host removed]'.
# valid since: Tue May 6 22:59:31 CEST 2014
# expires at: Sun May 5 22:59:31 CEST 2024
# serial number: 00 b6 db df 6e 10 77 47 cc
# fingerprint: 43 da 8f 07 cc da 19 e7 c8 aa 35 bc 0a 5b d0 fd
# version: #3
# public key algorithm: RSA
# Modulus: 2048 bits
# Subject's DN: O=Dovecot mail
server,OU=localhost,CN=localhost,EMAIL=root@[host re
moved]
# Issuer's DN: O=Dovecot mail
server,OU=localhost,CN=localhost,EMAIL=root@[host removed]
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.0
- Key Exchange: RSA
- Cipher: AES-128-CBC
- MAC: SHA1
- Compression: DEFLATE
wmbiff/PRIV : comm: wrote a000 CAPABILITY
wmbiff/PRIV : comm: mail.[host removed]:993: expecting: * CAPABILITY
wmbiff/PRIV : comm: mail.[host removed]:993: Received corrupted data(-78) -
server
has terminated the connection abnormally
wmbiff/PRIV : comm: mail.[host removed]:993: gnutls error reading: Too many
empty
record packets have been received.
wmbiff/PRIV : imap4: unable to query capability stringwmbiff/PRIV : comm: wrote
a002
LOGOUT
wmbiff/PRIV : comm: mail.[host removed]:993: closing.
[...]
dovecot logs:
dovecot: imap-login: Aborted login (no auth attempts in 0 secs): user=<>,
rip=[removed], lip=[removed], TLS, session=<[removed]>
Rebuilding without 16_gnutls_deprecated.diff fixes the problem, so does
rebuilding against an older libgnutls-dev package. That doesn't help
much though as wmbiff needs to be updated (#624083 and #638736).
I'm not much of a C coder and couldn't figure out anything else, but I'd
be happy to try patches or other suggestions.
Thanks for maintaining wmbiff,
Nicolas
- Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.14-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages wmbiff depends on:
ii libc6 2.19-9
ii libgcrypt20 1.6.2-2
ii libgnutls-deb0-28 3.3.6-2
ii libx11-6 2:1.6.2-3
ii libxext6 2:1.3.2-1
ii libxpm4 1:3.5.11-1
ii zlib1g 1:1.2.8.dfsg-2
wmbiff recommends no packages.
Versions of packages wmbiff suggests:
ii ruby 1:2.1.0.4
ii ssh-askpass 1:1.2.4.1-9
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: wmbiff
Source-Version: 0.4.27-2.3
We believe that the bug you reported is fixed in the latest version of
wmbiff, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Metzler <[email protected]> (supplier of updated wmbiff package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 02 Nov 2014 08:04:00 +0100
Source: wmbiff
Binary: wmbiff
Architecture: source i386
Version: 0.4.27-2.3
Distribution: unstable
Urgency: medium
Maintainer: Neil Spring <[email protected]>
Changed-By: Andreas Metzler <[email protected]>
Description:
wmbiff - A dockable app that displays information about mailboxes
Closes: 759259
Changes:
wmbiff (0.4.27-2.3) unstable; urgency=medium
.
* Non-maintainer upload.
* 20_gnutls_set_default_priority.diff: Use gnutls_set_default_priority()
to get GnuTLS upstream's recommended default values (SSL/TLS versions,
ciphers, et al.) instead of setting local defaults using the deprecated
gnutls_cipher_set_priority/gnutls_protocol_set_priority/... functions.
This fixes transmission errors to modern systems. Closes: #759259
(Thanks to Nye Liu for debugging the issue and finding the solution.)
Checksums-Sha1:
d34c2a2c92088818219ca1dcc128a0fc66078ace 1791 wmbiff_0.4.27-2.3.dsc
9c86d7b3300d08fe3624a937ea2c45b682687a7d 64328 wmbiff_0.4.27-2.3.debian.tar.xz
8177289497231802fcc8c2aafdae7e0e5a5e1ef2 95098 wmbiff_0.4.27-2.3_i386.deb
Checksums-Sha256:
cc3ea34d6f278e1bb3e48f67acf63bb0b50d0995496df3a98819159181565b58 1791
wmbiff_0.4.27-2.3.dsc
4fdc06ad7aa7bed3c13edf3941675d883532e6d94ae17316a7e8a5f81213c346 64328
wmbiff_0.4.27-2.3.debian.tar.xz
0fa544950e9b38b882288881e76549130b615a6e147a1ff2a6fa35008a2270ef 95098
wmbiff_0.4.27-2.3_i386.deb
Files:
9bbe07f96daf826832ea0b7b401a0ca5 1791 x11 optional wmbiff_0.4.27-2.3.dsc
a565c3e486efd3d377c130819de296f7 64328 x11 optional
wmbiff_0.4.27-2.3.debian.tar.xz
7af1bcd9de4e01e863e93080a23a298c 95098 x11 optional wmbiff_0.4.27-2.3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJUVeMuAAoJEKVPAYVDghSErPYP/An+g5qLKRFitAWyHpn4E/4z
SQpVPf8udmK/ukMQfGuLaQcf+qpSVGSc7ir5sCAnmduPyoqk+BA/tnQ7jKDfr1vj
NcFD7a9oG6iSPE3YEPt7mePjikN9SlZW2b8AEFcodnc1KYiv9/pM3p3XJdsUozsp
6QNnZ7X20NO7NbKkQcqfXIdY67BoqJvUUdu3A0/9oQlG9Kx8fN/zw9/3GJeYPFmZ
FZYSRNoWdvPC2a+HnrpykFlxIGu0cUQY3yZdmjBTROb+B9/XD8tG+8tCSIPY/7yp
Ln0Ya5jnuBhZsL9uxXoJUAe3HO2MJOnYex7YHmOctPdMgTRoGTbnaG8L/NtetE9B
MIB1MYJ0/SU+lh4+xgqlZ7nWBaI/cpD/Y1EEppZQZ/eg3lwUx3cKFx2M9tODim5d
32z396VZgJ7p1W4o2dg9FF9rpIYuKSw6wzvc9Kpulh+rGFpDMDhoG52m+Nljez92
7Aij/HFiMFxmW60Eoc5XYcZJ2sgC8c4MUH3c7RhyIqT3uhYhqWYUIenS+Jph5fuK
T90KReti9+rRlP4t9Gq5dFLAj7TG8ur3RzgatfRKPcxnlP2YcU6gaM5WVKO9kISV
yHeSTvbZXNSXicPMyxcHsBgw6F1hGSRxhZx7POAdDrCtVQrKSn1PYmRAXctTG/oE
s8MgFKXrDbx5rL8OnHNg
=BY9q
-----END PGP SIGNATURE-----
--- End Message ---
