Hi again,

While working on smtpd, I realized that my openssl[0] tests were failing
too. Obviously, the cipher info is empty.

openssl s_client -connect my_IP:25 -starttls smtp -tls1_1

...
...
New, (NONE), Cipher is (NONE)
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.1
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Start Time: 1595094409
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---
...

Related log lines from "/var/log/maillog":
Jul 18 21:28:42 volgograd smtpd[32258]: d680225f58ddc566 smtp connected address=XX.YY.ZZ.QQ host=mx.domainname.com
Jul 18 21:28:42 volgograd smtpd[32258]: d680225f58ddc566 smtp disconnected reason="io-error: error:140270C1:SSL routines:ACCEPT_SR_CLNT_HELLO_C:no shared cipher"

As you see in the above output, there is no selected cipher for this
conversation: "Cipher : 0000" and "New, (NONE), Cipher is (NONE)".
I'm trying to understand what is happening here but could not find any
clue. The smtpd.conf man page says there is a default set of ciphers for
SSL / TLS connections.
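
An added example, not part of the original post: a Python script that scans smtpd maillog lines in the format quoted above, pairs each disconnect with its connect by session id, and unpacks the OpenSSL error code of sessions that ended in a TLS library error. The sample lines, addresses and function names are constructed for illustration, and the code split assumes the OpenSSL 1.x / LibreSSL error packing (8-bit library, 12-bit function, 12-bit reason).

```python
import re

# Constructed sample lines in the maillog format quoted in the post
# (session ids, addresses and host names are made up).
SAMPLE_LOG = """\
Jul 18 21:28:42 mail smtpd[32258]: aaaa000000000001 smtp connected address=192.0.2.10 host=mx.example.net
Jul 18 21:28:42 mail smtpd[32258]: aaaa000000000001 smtp disconnected reason="io-error: error:140270C1:SSL routines:ACCEPT_SR_CLNT_HELLO_C:no shared cipher"
Jul 18 21:30:05 mail smtpd[32258]: aaaa000000000002 smtp connected address=198.51.100.7 host=client.example.org
Jul 18 21:30:06 mail smtpd[32258]: aaaa000000000002 smtp disconnected reason=quit
"""

LINE_RE = re.compile(
    r"smtpd\[\d+\]: (?P<sid>[0-9a-f]{16}) smtp "
    r"(?P<event>connected|disconnected) (?P<rest>.*)")
# OpenSSL error string layout: error:<hex code>:<library>:<function>:<reason>
ERR_RE = re.compile(
    r'error:(?P<code>[0-9A-Fa-f]{8}):(?P<lib>[^:]*):(?P<func>[^:]*):(?P<reason>[^"]*)')


def unpack_err(code_hex):
    """Split a packed error code into (library, function, reason) numbers.

    Assumes the OpenSSL 1.x / LibreSSL packing: 8 + 12 + 12 bits.
    """
    code = int(code_hex, 16)
    return (code >> 24) & 0xFF, (code >> 12) & 0xFFF, code & 0xFFF


def tls_failures(log_text):
    """Return one record per session that ended with an OpenSSL error."""
    peers, findings = {}, []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        if m["event"] == "connected":
            addr = re.search(r"address=(\S+)", m["rest"])
            peers[m["sid"]] = addr.group(1) if addr else None
            continue
        err = ERR_RE.search(m["rest"])
        if err:  # disconnect caused by a TLS library error
            lib, func, reason = unpack_err(err["code"])
            findings.append({
                "session": m["sid"], "peer": peers.get(m["sid"]),
                "lib": lib, "func": func, "reason_code": reason,
                "reason": err["reason"].strip(),
            })
    return findings


if __name__ == "__main__":
    for f in tls_failures(SAMPLE_LOG):
        print(f)
```

Library number 20 is the SSL library and reason 193 is its "no shared cipher" code, so grouping the records by `reason_code` and `peer` shows which clients are failing the handshake and why.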
