TLS handshake fails ("SSL_accept:error in error") for server->server connection (smtp submit dovecot->postfix) if /etc/pki/tls/openssl.cnf "Options=" includes 'ServerPreference' ?
pgnet.dev at gmail.com
Fri Sep 25 04:26:26 UTC 2020
On 9/24/20 9:13 PM, Viktor Dukhovni wrote:
> On Thu, Sep 24, 2020 at 08:30:35PM -0700, PGNet Dev wrote:
> Is that really the session you intended to capture.
The intention was to capture the tcp data 'thru' the failed event.
That^^ is the data streamed to console, with that^^ tshark command, from right before the moment I exec the msmtp send, until it fails ... and sits there.
Whether that tshark cmd correctly captures that 'intention', well that's a different issue.
> It is surprising that the client sent "QUIT<CRLF>" only .14 seconds after SYN,
> since if it expected to do SMTP STARTLS, it would typically wait for the
> server greeting for more than a fraction of a second.
So, iiuc, that's a dovecot faux pas?
I certainly don't supsect that it's the result of anything that postfix signals in the transaction.
If it's 'from' dovecot, how would I ferret out whether it's dovecot code "innards", or something in the (mis)function of linked openssl libs?
More information about the openssl-users