fetchmail-friends
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[fetchmail]Fetchmail 5.9.11 + SSL bug and workaround

2002-06-04 10:58:10
from [Jason Day] [Permanent Link] 
Hello All,

I just upgraded to fetchmail 5.9.11 from 5.8.1, and found that SSL wasn't
working anymore.  I saw a few messages about it on this list, but no
solutions, so I started debugging:

jday:spiderman$ ./fetchmail -v -v -v
fetchmail: 5.9.11 querying ipostoffice.worldnet.att.net (protocol POP3) at
Tue 04 Jun 2002 03:26:56 PM EDT: poll started
fetchmail: Warning: server certificate verification: self signed certificate
in certificate chain
fetchmail: Warning: server certificate verification: self signed certificate
in certificate chain
fetchmail: Issuer Organization: RSA Data Security, Inc.
fetchmail: Unknown Issuer CommonName
fetchmail: Server CommonName: ipostoffice.worldnet.att.net
fetchmail: ipostoffice.worldnet.att.net key fingerprint:
6D:16:DE:A0:E8:3F:A6:2D:2C:21:B4:19:58:47:24:1B
fetchmail: Warning: server certificate verification: self signed certificate
in certificate chain
fetchmail: POP3< +OK <12923(_dot_)1023204415(_at_)worldnet(_dot_)att(_dot_)net> 
(mtiwpsc09)
POP3/PROXY server #5
fetchmail: POP3> CAPA
fetchmail: POP3< +OK Capability list follows
fetchmail: POP3< EXPIRE NEVER
fetchmail: POP3< IMPLEMENTATION Maillennium/PROXY V04.30c++ [25-Jan-02]
cpu_spar
fetchmail: POP3< c.os_solaris_bsd.comp_gnu
fetchmail: POP3< LOGIN-DELAY 0
fetchmail: POP3< PIPELINING
fetchmail: POP3< RESP-CODES
fetchmail: POP3< STLS
fetchmail: POP3< TOP
fetchmail: POP3< UIDL
fetchmail: POP3< USER
fetchmail: POP3< .
fetchmail: POP3> STLS
    (Hangs here until timeout)
fetchmail: timeout after 300 seconds waiting for server
ipostoffice.worldnet.att.net.
fetchmail: client/server synchronization error while fetching from
ipostoffice.worldnet.att.net
fetchmail: 5.9.11 querying ipostoffice.worldnet.att.net (protocol POP3) at
Tue 04 Jun 2002 03:31:56 PM EDT: poll completed
fetchmail: Query status=7 (ERROR)

Fetchmail 5.8.1 output is similar, except it does not send the STLS after it
gets the caps, but just sends a USER.  So, I looked into pop3.c and found
this bit of code starting on line 234:

#ifdef SSL_ENABLE
       if (has_ssl &&
#if INET6_ENABLE
           ctl->server.service && (strcmp(ctl->server.service, "pop3s"))
#else /* INET6_ENABLE */
           ctl->server.port != 995
#endif /* INET6_ENABLE */
           )
...
#endif /* SSL_ENABLE */

The problem, I think, is that ctl->server.port never gets initialized (it's
zero), so I think this block of code gets executed when it should not.  None
of this code was in version 5.8.1, so I just commented out the whole block
and tried again, and it worked.

Hopefully, this is useful information for somebody :)
Jason
-- 
Jason Day                                       jasonday at
http://jasonday.home.att.net                    worldnet dot att dot net
 
"Of course I'm paranoid, everyone is trying to kill me."
    -- Weyoun-6, Star Trek: Deep Space 9
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [fetchmail]Header being rewritten incorrectly, Bruce Hauge
Next by Date:  Re: [fetchmail]Fetchmail 5.9.11 + SSL bug and workaround, Matt Kraai
Previous by Thread:  [fetchmail]Header being rewritten incorrectly, Bruce Hauge
Next by Thread:  Re: [fetchmail]Fetchmail 5.9.11 + SSL bug and workaround, Matt Kraai
Indexes:  [Date] [Thread] [Top] [All Lists]