On Wed, Jun 26, 2013 at 6:08 PM, James Turner <[email protected]> wrote:
> First, if you connect to port 995 with telnet instead of, say, openssl
> s_client and issue any command pop3d dies and leaves the following
> "fatal: session lost". Even running ^] from telnet after connecting is
> enough to cause this behavior.
Well, isn't that true? The TLS handshake failed so the apparent
connection was never completed at the TLS layer.
> Second, below is an openssl s_client session. Everything is good up until
> the point when I issue RETR 1. I then get disconnected with the below
> message. I'm using a self-signed cert if that matters.
>
> openssl s_client -connect localhost:995
POP3 uses CRLF terminated lines, so you should be using the -crlf option too.
> RETR 1
> RENEGOTIATING
Per openssl(1):

    When used interactively (which means neither -quiet nor -ign_eof have
    been given), the session will be renegotiated if the line begins with an
    R; if the line begins with a Q or if end of file is reached, the
    connection will be closed down.

However...
> 13434653967248:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
..._that_ seems like a bug in the renegotiation handling.
Philip Guenther
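
The s_client input handling described in the reply above, as an added example that is not part of the original message and is not OpenSSL code: a small Python model of the quoted openssl(1) rule and of -crlf, run over a constructed POP3 command list. The function names and the session are hypothetical; the model assumes the first-character check is case-sensitive and covers only the options named in the thread.

```python
# Model of how interactive `openssl s_client` treats each line typed on stdin,
# following the openssl(1) excerpt quoted in the message. Illustration only.

def s_client_action(line, quiet=False, ign_eof=False, crlf=False):
    """Return (action, bytes_on_wire) for one typed line.

    Assumption: the R/Q check looks at an uppercase first character only.
    """
    interactive = not (quiet or ign_eof)
    if interactive and line.startswith("R"):
        return ("renegotiate", b"")   # line is consumed, never sent to the server
    if interactive and line.startswith("Q"):
        return ("close", b"")         # connection closed, line never sent
    eol = b"\r\n" if crlf else b"\n"  # -crlf turns the typed LF into CRLF
    return ("send", line.encode("ascii") + eol)


def audit_session(commands, **opts):
    """List the commands that would not reach the server as CRLF-terminated lines."""
    problems = []
    for cmd in commands:
        action, wire = s_client_action(cmd, **opts)
        if action != "send":
            problems.append((cmd, action))
        elif not wire.endswith(b"\r\n"):
            problems.append((cmd, "bare LF"))
    return problems


# Constructed POP3 session, not taken from the thread.
SESSION = ["USER test", "PASS secret", "STAT", "RETR 1", "RSET", "QUIT"]

if __name__ == "__main__":
    for label, opts in [
        ("(no options)", {}),
        ("-crlf", {"crlf": True}),
        ("-quiet -crlf", {"quiet": True, "crlf": True}),
    ]:
        print(label, audit_session(SESSION, **opts))
```

With -crlf alone, RETR, RSET and QUIT are still intercepted by s_client; adding -quiet or -ign_eof lets every command through to the server.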