[Bug 369591] Re: Unable to connect to IMAP w/STARTTLS: Connection reset by peer

Maarten Bezemer maarten.bezemer at gmail.com
Sat May 12 19:33:19 UTC 2012 

Thank you for taking the time to report this bug and helping to make
Ubuntu better. We are sorry that we do not always have the capacity to
look at all reported bugs in a timely manner. There have been many
changes in Ubuntu since that time you reported the bug and your problem
may have been fixed with some of the updates. It would help us a lot if
you could test it on a currently supported Ubuntu version. When you test
it and it is still an issue, kindly upload the updated logs by running
apport-collect 369591 and any other logs that are relevant for this
particular issue.

** Changed in: openssl (Ubuntu)
       Status: New => Incomplete

** Changed in: mail-notification
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/369591

Title:
  Unable to connect to IMAP w/STARTTLS: Connection reset by peer

Status in Mail Notification:
  Incomplete
Status in “openssl” package in Ubuntu:
  Incomplete

Bug description:
  When I try to use mail-notification (5.4.dfsg.1-1ubuntu1 compiled
  w/openssl), I am unable to connect to my IMAP server.  I always get
  the following:

  $ mail-notification -i
  ** INFO: server: resolving server
  ** INFO: server: connecting to server (xxx.xxx.xxx.xxx) port 143
  ** INFO: server: connected successfully
  ** INFO: server: < * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE ACL ACL2=UNION STARTTLS LOGINDISABLED] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc.  See COPYING for distribution information.
  ** INFO: server: > a000 STARTTLS
  ** INFO: server: < a000 OK Begin SSL/TLS negotiation now.
  ** INFO: server reported an error: unable to perform the SSL/TLS handshake: Connection reset by peer

  I have used Thunderbird for years to connect to this account.  I
  decided to try the openssl client, and discovered that it will not
  connect unless I force it to use TLS1 like so:

  $ openssl s_client -connect server:143 -starttls imap -tls1

  Without -tls1, I get:

  $ openssl s_client -connect server:143 -starttls imap -msg -prexit
  CONNECTED(00000003)
  >>> SSL 2.0 [length 0074], CLIENT-HELLO
      01 03 01 00 4b 00 00 00 20 00 00 39 00 00 38 00
      00 35 00 00 16 00 00 13 00 00 0a 07 00 c0 00 00
      33 00 00 32 00 00 2f 03 00 80 00 00 05 00 00 04
      01 00 80 00 00 15 00 00 12 00 00 09 06 00 40 00
      00 14 00 00 11 00 00 08 00 00 06 04 00 80 00 00
      03 02 00 80 1a 4c 8c c6 c2 08 ce 27 58 48 84 ce
      30 9e e8 b5 ae 66 c5 0a e8 65 1d e1 82 1a 67 71
      e6 dd 83 dc
  write:errno=104
  ---
  no peer certificate available
  ---
  No client certificate CA names sent
  ---
  SSL handshake has read 557 bytes and written 144 bytes
  ---
  New, (NONE), Cipher is (NONE)
  Compression: NONE
  Expansion: NONE
  ---

  Perhaps mail-notification is doing the same thing.  If so, there
  either needs to be a way to explicitly set the protocol, or openssl
  needs to fix its auto-negotiation.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mail-notification/+bug/369591/+subscriptions

More information about the foundations-bugs mailing list