Re: [openssl-users] Re: SSL / SMTP

Wed, 17 Apr 2013 10:46:51 -0700 

Le 17/04/2013 18:40, Joan Moreau a écrit :

Le 17/04/2013 14:18, Viktor Dukhovni a écrit :


On Wed, Apr 17, 2013 at 07:24:23AM +0000, Joan Moreau wrote:
2013-04-17T09:17:36.573675+02:00 server postfix/smtpd[16725]: warning: TLS library problem: 16725:error:140D308A:SSL routines:TLS1_SETUP_KEY_BLOCK:cipher or hash unavailable:t1_enc.c:597: 2013-04-17T09:17:36.573971+02:00 server postfix/smtpd[16725]: lost connection after CONNECT from wana-25-254-12-196.wanamaroc.com[196.12.254.25] Can you help ? 

No. Install a fresh O/S image on new hardware and use that as your
mail server. If a fresh install with the default Postfix for the
O/S does not work, come back to the Postfix-users list for help.

You've already consumed a lot of cycles on the Postfix-users list.
Now you are trying the openssl-users list without referencing the
prior long thread which shows your system to be messed up.
Please Viktor, I don't need your insults and mis-behaving and lack of politeness.
My system is not "messed up", I have thousands of people working with since ages. Now, i'll appreciate very much some help instead of those useless attacks.
Reading the mentioned postfix-users thread, it seems Viktor is right, you messed up with your server, compiling and installing your own cutting-edge kernels and binaries, without using a package manager, on a production server.
You may try to locate the libraries that have been used during compilation, and the ones that are used by your running postfix, and compare them. The first answer is to be found somewhere in the compilation logs, the answer to the second question can be found running the following: ps faux | grep postfix | awk '{ print $2 }' | xargs -L 1 lsof -p | grep -E "libcrypto|libssl" considering that your postfix binary runs under the identity "postfix", and that you're root (or add a sudo before xargs).
I don't think It's a SHA2 error, as I'm rejected by your server when I contact it with RC4-SHA (something that is permitted by your ciphersuite string). 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to