[Bug 1039043] [NEW] exim tls fails: Diffie-Hellman prime too short
Krzysztof
kwarzecha7 at gmail.com
Mon Aug 20 14:08:34 UTC 2012
Public bug reported:
Hello,
This is upstream bug, see http://bugs.debian.org/cgi-
bin/bugreport.cgi?bug=684340 and http://bugs.debian.org/cgi-
bin/bugreport.cgi?bug=676563
Exim fails to send email with this message in log: "The Diffie-Hellman
prime sent by the server is not acceptable (not long enough).". This is
caused by patch 66_enlarge-dh-parameters-size.dpatch in source package
exim (one that you can download with 'apt-get source exim4'). This was
fixed in Debian by making DH_BITS value configurable.
$ lsb_release -rd
Description: Ubuntu 11.04
Release: 11.04
$ apt-cache policy exim4
exim4:
Installed: 4.74-1ubuntu1.2
Candidate: 4.74-1ubuntu1.2
Version table:
*** 4.74-1ubuntu1.2 0
500 http://mirror.ovh.net/ftp.ubuntu.com/ubuntu/ natty-updates/main amd64 Packages
500 http://security.ubuntu.com/ubuntu/ natty-security/main amd64 Packages
100 /var/lib/dpkg/status
4.74-1ubuntu1 0
500 http://mirror.ovh.net/ftp.ubuntu.com/ubuntu/ natty/main amd64 Packages
What i excepted to happen: exim should deliver message if remote server
is using weak encryption and exim is configured to accept weak
encryption
What happened instead: exim refused to deliver message, there is no
option to make exim accept weak encryption. Message cannot be delivered
without messing with exim sources.
** Affects: exim4 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to exim4 in Ubuntu.
https://bugs.launchpad.net/bugs/1039043
Title:
exim tls fails: Diffie-Hellman prime too short
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/exim4/+bug/1039043/+subscriptions
More information about the Ubuntu-server-bugs
mailing list