[Bug 155699] Re: nagios Plugin check_imap fails with SSL3
Matthias Eble
psychotrahe at aol.de
Sat May 23 09:15:58 BST 2009
This is rather an issue of the IMAP daemon IMO.
from http://openssl.org/docs/ssl/SSL_CTX_new.html:
SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)
A TLS/SSL connection established with these methods will understand
the SSLv2, SSLv3, and TLSv1 protocol. A client will send out SSLv2
client hello messages and will indicate that it also understands SSLv3
and TLSv1. A server will understand SSLv2, SSLv3, and TLSv1 client hello
messages. This is the best choice when compatibility is a concern.
So I'd say the server should accept v2 Hellos and end the connection if v2 is the only protocol the client can talk.
However maybe adding "--dont-use-sslvX" arguments would be a nice feature enhancement for nagios plugins.
Matthias
--
nagios Plugin check_imap fails with SSL3
https://bugs.launchpad.net/bugs/155699
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nagios-plugins in ubuntu.
More information about the Ubuntu-server-bugs
mailing list