[Bug 1356843] Re: ccs received early
Marc Deslauriers
marc.deslauriers at canonical.com
Fri Aug 15 18:56:16 UTC 2014
OK, it turns out there is an incompatibility between the postfix package
in precise and the version of openssl in precise.
This was fixed in postfix 2.10.2 by the following change:
20130616
TLS Performance: the Postfix SMTP server TLS session cache
was ineffective because recent OpenSSL versions enable
session tickets by default, resulting in a different ticket
encryption key for each smtpd(8) process. The workaround
turns off session tickets. In 2.11 we'll enable session
tickets properly. Viktor Dukhovni. File: tls/tls_server.c.
This was causing the postfix server to respond in an invalid way,
resulting in the openssl security fix to trigger the error.
** Package changed: openssl (Ubuntu) => postfix (Ubuntu)
** Also affects: postfix (Ubuntu Precise)
Importance: Undecided
Status: New
** Changed in: postfix (Ubuntu)
Status: New => Fix Released
** Changed in: postfix (Ubuntu Precise)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1356843
Title:
ccs received early
Status in “postfix” package in Ubuntu:
Fix Released
Status in “postfix” source package in Precise:
Confirmed
Bug description:
Postfix is causing a TLS error, when relaying mails with TLS encryption:
warning: TLS library problem: 31807:error:14094085:SSL routines:SSL3_READ_BYTES:ccs received early:s3_pkt.c:1146:
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1356843/+subscriptions
More information about the foundations-bugs
mailing list